[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[debian-users:37360] Forward: [SECURITY] [DSA-317-1] New cupsys packages fix denial of service



ã“ã®DSAã¯potatoã«ã‚‚é©ç”¨ã•ã‚Œã¾ã™ã€‚

ç¾åœ¨ã® Debian 安定版 (3.0 woody) ã«ã‚»ã‚­ãƒ¥ãƒªãƒ†ã‚£ã«é–¢ã™ã‚‹æ·±åˆ»ãªå•é¡ŒãŒç™ºè¦‹
ã•ã‚Œã¾ã—ãŸã€‚

対象パッケージ: cupsys

対処済ã¿ã®ãƒ‘ッケージã«æ›´æ–°ã™ã‚‹ã«ã¯ã€

deb http://security.debian.org/ stable/updates main contrib non-free

ã‚’ /etc/apt/sources.list ã«è¿½åŠ ã—ã€

apt-get update ; apt-get upgrade

を実行ã—ã¦ãã ã•ã„。

詳細ã«ã¤ã„ã¦ã¯æ·»ä»˜ã®ã‚¢ãƒŠã‚¦ãƒ³ã‚¹ã‚’ã”覧ãã ã•ã„。

--- Begin Message ---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 317-1                     security@debian.org
http://www.debian.org/security/                             Matt Zimmerman
June 11th, 2003                         http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : cupsys
Vulnerability  : denial of service
Problem-Type   : remote
Debian-specific: no
CVE Id         : CAN-2003-0195

The CUPS print server in Debian is vulnerable to a denial of service
when an HTTP request is received without being properly terminated.

For the stable distribution (woody) this problem has been fixed in
version 1.1.14-5.

For the old stable distribution (potato) this problem has been fixed
in version 1.0.4-12.2.

For the unstable distribution (sid) these problems are fixed in
version 1.1.19final-1.

We recommend that you update your cupsys package.

Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 2.2 alias potato
- ---------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.0.4-12.2.dsc
      Size/MD5 checksum:      655 62f4187f7688d12d1cb2dc8f3ceddcb4
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.0.4-12.2.diff.gz
      Size/MD5 checksum:    32179 70555e86da9e760ae56aab28ae90c6d5
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.0.4.orig.tar.gz
      Size/MD5 checksum:  3147998 d753d8b3c2506a9b97bf4f22ca53f38b

  Alpha architecture:

    http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.0.4-12.2_alpha.deb
      Size/MD5 checksum:  2437792 68586395d797a4e61722767cef136a37
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.0.4-12.2_alpha.deb
      Size/MD5 checksum:    18086 6e9493d7a8fa81d23a6a1f5ede22a202
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys1_1.0.4-12.2_alpha.deb
      Size/MD5 checksum:    88128 d17fc2e76871efee28cfcdc3fa613ef7
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys1-dev_1.0.4-12.2_alpha.deb
      Size/MD5 checksum:   118130 01a41f44933ac8a6515b034be8fe15dd

  ARM architecture:

    http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.0.4-12.2_arm.deb
      Size/MD5 checksum:  2336828 7dcec02babb951364408797a55e4da54
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.0.4-12.2_arm.deb
      Size/MD5 checksum:    17248 53ec17c74322643e8fef2365bfdbc5ea
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys1_1.0.4-12.2_arm.deb
      Size/MD5 checksum:    65418 9bd20224686a76d0718d611817520e1d
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys1-dev_1.0.4-12.2_arm.deb
      Size/MD5 checksum:    92906 2b26c2727fa1d17c7f20c8302224e900

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.0.4-12.2_i386.deb
      Size/MD5 checksum:  2296854 5604e4ef5b8f5745b24e928572f4ea00
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.0.4-12.2_i386.deb
      Size/MD5 checksum:    16834 80f1e31bb576a747171ceee897a08395
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys1_1.0.4-12.2_i386.deb
      Size/MD5 checksum:    65090 1b7eb1299370c942369c007ca88a4a19
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys1-dev_1.0.4-12.2_i386.deb
      Size/MD5 checksum:    83476 257fd71bba53040177c67d0acc4af963

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.0.4-12.2_m68k.deb
      Size/MD5 checksum:  2245650 a539f8c6bca41313c3bcafcade951e92
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.0.4-12.2_m68k.deb
      Size/MD5 checksum:    16222 9de04da1ae83802aeb176ac768547b44
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys1_1.0.4-12.2_m68k.deb
      Size/MD5 checksum:    60304 5b7af092247d34a55ed31de79727d861
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys1-dev_1.0.4-12.2_m68k.deb
      Size/MD5 checksum:    76378 b4c2cb0c1d44881398da9edca2179246

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.0.4-12.2_powerpc.deb
      Size/MD5 checksum:  2331472 d6b315e38ba84bcc85b9a46b3a15ac23
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.0.4-12.2_powerpc.deb
      Size/MD5 checksum:    16624 897f83ebf718f6f83fc2f39598b0db5c
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys1_1.0.4-12.2_powerpc.deb
      Size/MD5 checksum:    68590 04ffc914f4f6da8e9e295be7a5d2b717
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys1-dev_1.0.4-12.2_powerpc.deb
      Size/MD5 checksum:    89904 c5ebfeeda1bfceb42f6f12eb15038c56

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.0.4-12.2_sparc.deb
      Size/MD5 checksum:  2349170 fe795cb085fc8210aa53b4f83d3f8303
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.0.4-12.2_sparc.deb
      Size/MD5 checksum:    16860 6ff9f5d5967097196900a19599352e69
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys1_1.0.4-12.2_sparc.deb
      Size/MD5 checksum:    71574 edf96b9318e8d49254ae6ad3d78a89e5
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys1-dev_1.0.4-12.2_sparc.deb
      Size/MD5 checksum:    89630 03b72fddbe710bca0a74a34a0461ae2c

Debian GNU/Linux 3.0 alias woody
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5.dsc
      Size/MD5 checksum:      698 d8e9f0cbef70faa7a8f977da6e3fbd93
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5.diff.gz
      Size/MD5 checksum:    37098 4cd82a8a1616de6ae7b2fc3d646ed8fe
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14.orig.tar.gz
      Size/MD5 checksum:  6150756 0dfa41f29fa73e7744903b2471d2ca2f

  Alpha architecture:

    http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5_alpha.deb
      Size/MD5 checksum:  1899134 dcb4b6347d0b476dae89be122b39e2eb
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5_alpha.deb
      Size/MD5 checksum:    73962 0b4b8df7cbbff8ffc5257bc1a517c179
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5_alpha.deb
      Size/MD5 checksum:    92600 3aea4a863525bd32cc5dfc302de54121
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5_alpha.deb
      Size/MD5 checksum:  2445454 f21eeeda531ea8161c224036fc9879b0
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5_alpha.deb
      Size/MD5 checksum:   137630 54f0a920320e84654c4f4e5f4081eaa6
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5_alpha.deb
      Size/MD5 checksum:   180558 1226c233b2e7a9112a5ba8b650008071

  ARM architecture:

    http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5_arm.deb
      Size/MD5 checksum:  1821286 58e362b98239e909ae33428d5171443a
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5_arm.deb
      Size/MD5 checksum:    68108 f4f3f92b9d79dab00940a5a6758d5406
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5_arm.deb
      Size/MD5 checksum:    85296 671027bcdef6f2dd3fbafc88f2b7f0b0
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5_arm.deb
      Size/MD5 checksum:  2345502 2660201c3a1c0a3381dea45829f2d029
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5_arm.deb
      Size/MD5 checksum:   112622 4084c872746fd9fc7b32994285bb4a1a
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5_arm.deb
      Size/MD5 checksum:   150036 74969c5e6cb230fd01840ec8d9cfb1c3

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5_i386.deb
      Size/MD5 checksum:  1787996 3e7950c3c56e0daf070d1ffc68abd728
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5_i386.deb
      Size/MD5 checksum:    67638 418c11ff1b4afe09fe5444bebcb28ce6
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5_i386.deb
      Size/MD5 checksum:    83808 c0567c005914ae32aff65b8314a1412f
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5_i386.deb
      Size/MD5 checksum:  2311616 482948c4d0f856529c53f19f81c2808c
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5_i386.deb
      Size/MD5 checksum:   110654 f9ecb4934ee098f2ffa9f4939effb328
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5_i386.deb
      Size/MD5 checksum:   136264 1f12c18e24db07e1899e41450bb5dd11

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5_ia64.deb
      Size/MD5 checksum:  2007428 2e71050b2af16539bac04dcd2a494467
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5_ia64.deb
      Size/MD5 checksum:    77024 3a240e09125e4760a11fc9ec0a717639
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5_ia64.deb
      Size/MD5 checksum:    96766 0190898c7cd23b3cd2395f581d04a667
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5_ia64.deb
      Size/MD5 checksum:  2656402 e4a973aa88b3fb786cf22e512efa2072
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5_ia64.deb
      Size/MD5 checksum:   155600 d6a1a3ab8a2da0ae7eeea6c708402029
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5_ia64.deb
      Size/MD5 checksum:   182558 b814b6d43cb8cf470a2b5710a136dcfd

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5_hppa.deb
      Size/MD5 checksum:  1881126 63a68e019a11aac8d40d52f9ff83967e
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5_hppa.deb
      Size/MD5 checksum:    70430 1ede64635341a55b36b60f71500e9a67
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5_hppa.deb
      Size/MD5 checksum:    89442 a494f46a9556ddbc4b45b374d8e51d5d
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5_hppa.deb
      Size/MD5 checksum:  2455688 f3dd321dba6d2ea35c435c37e7c6b928
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5_hppa.deb
      Size/MD5 checksum:   126252 3e16e6b53bf6479d7b0fe0f337352d26
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5_hppa.deb
      Size/MD5 checksum:   159180 fc4939ad20629d5590724418962f19e2

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5_m68k.deb
      Size/MD5 checksum:  1754486 93070aee659899fd16e9dc3d2a216a93
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5_m68k.deb
      Size/MD5 checksum:    65898 01b904f8e17cade65565b63c642f9cf7
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5_m68k.deb
      Size/MD5 checksum:    81000 b625a07a4d0d741d84759d81d68b300e
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5_m68k.deb
      Size/MD5 checksum:  2261028 856feb8179b788e523e6a6c88afce6c0
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5_m68k.deb
      Size/MD5 checksum:   105858 24a37f8e18b52b88e22d18302d3d1735
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5_m68k.deb
      Size/MD5 checksum:   128416 019a003fa1de011154d9b5601c0a1931

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5_mips.deb
      Size/MD5 checksum:  1810972 e9d1421939f0b93cd95b1d505f302812
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5_mips.deb
      Size/MD5 checksum:    67538 c90ecd70fb8c4eae02fa55732bb8ff45
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5_mips.deb
      Size/MD5 checksum:    80958 8aa3c567755d5db530a985eecdbea256
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5_mips.deb
      Size/MD5 checksum:  2404286 459e9627c908bd5540cfd6ea0419cc3a
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5_mips.deb
      Size/MD5 checksum:   112404 645a755f5089ee5c64b61a0e4f71919e
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5_mips.deb
      Size/MD5 checksum:   150828 470fed7157c61c8c04664db4c4b4d935

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5_mipsel.deb
      Size/MD5 checksum:  1811562 103cfa02aae226a094070d5f3ac5d3d0
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5_mipsel.deb
      Size/MD5 checksum:    67514 4f1a4cbc9412c36b7281846067c81262
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5_mipsel.deb
      Size/MD5 checksum:    80984 73090253e9044914fcc54b825fbc2b11
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5_mipsel.deb
      Size/MD5 checksum:  2406572 108f891a2fe177f0e1c84ca44d63ece3
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5_mipsel.deb
      Size/MD5 checksum:   112176 aeeb8a7cf8334afcf06b945bfcdf3c55
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5_mipsel.deb
      Size/MD5 checksum:   150646 271adca793dc88c1638b3678e5b2fa56

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5_powerpc.deb
      Size/MD5 checksum:  1799960 ddc40dda5fc8e316e405d114ee14c082
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5_powerpc.deb
      Size/MD5 checksum:    67534 bf87487701aa0c8fd11bf455bf972bf2
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5_powerpc.deb
      Size/MD5 checksum:    83094 88d8483159207532e16471ced0bfad0a
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5_powerpc.deb
      Size/MD5 checksum:  2359434 e6cc4e0e75c8e18a44c28d0b4a8db6f7
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5_powerpc.deb
      Size/MD5 checksum:   116408 2c7504ff43f285569ba0cfd0cfbc87e2
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5_powerpc.deb
      Size/MD5 checksum:   144854 3efab73d39f75627c0231bee2af525e4

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5_s390.deb
      Size/MD5 checksum:  1795366 e0130999dea734e7b53e4c30fe3a57fb
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5_s390.deb
      Size/MD5 checksum:    68910 7f09597ee481040851d8f4b702909d5c
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5_s390.deb
      Size/MD5 checksum:    85650 33da3795e9786cf0ecd6ec817a8906ce
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5_s390.deb
      Size/MD5 checksum:  2337264 929b9bf3cef6c7c6af959811f440e908
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5_s390.deb
      Size/MD5 checksum:   114946 0b44773caea7c1b039e1b920a2ab5723
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5_s390.deb
      Size/MD5 checksum:   140476 aceabfac589cd5bf64d919ea798342d1

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5_sparc.deb
      Size/MD5 checksum:  1844758 1e973cbe93dd47a1169efc3c371f6adb
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5_sparc.deb
      Size/MD5 checksum:    70478 0d7ba3b1a0a389454f3873c32a25c6b8
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5_sparc.deb
      Size/MD5 checksum:    83914 54f609e6d9972c9b5d069bd3a4387ba1
    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5_sparc.deb
      Size/MD5 checksum:  2354314 aa4a299d98fc23d4e1850f3b6c55ec9a
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5_sparc.deb
      Size/MD5 checksum:   120092 a45b72479880f579f5f1d5f148ba87a3
    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5_sparc.deb
      Size/MD5 checksum:   146370 8ebc656faec1d66166b2e88831896610

These files will probably be moved into the stable distribution on its
next revision.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE+5/EmArxCt0PiXR4RAlVFAKC8Rf+TwmWJ330+PKCn4N3+2GHmegCfXF2D
A3Wu+b+qM1kdRctJzMTRQMA=
=I4f0
-----END PGP SIGNATURE-----


-- 
To UNSUBSCRIBE, email to debian-security-announce-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

--- End Message ---