Advisories ยป MGASA-2014-0267

Updated cups-filter packages fix security vulnerabilities

Publication date: 19 Jun 2014
Modification date: 19 Jun 2014
Type: security
Affected Mageia releases : 4
CVE: CVE-2014-4336 , CVE-2014-4337 , CVE-2014-4338

Description

In cups-filters before 1.0.53, out-of-bounds accesses in the
process_browse_data function when reading the packet variable could
leading to a crash, thus resulting in a denial of service 
(CVE-2014-4337).

In cups-filters before 1.0.53, if there was only a single BrowseAllow
line in cups-browsed.conf and its host specification was invalid, this
was interpreted as if no BrowseAllow line had been specified, which
resulted in it accepting browse packets from all hosts (CVE-2014-4338).

The CVE-2014-2707 issue with malicious broadcast packets, which had been
fixed in Mageia Bug 13216 (MGASA-2014-0181), had not been completely
fixed by that update. A more complete fix was implemented in
cups-filters 1.0.53 (CVE-2014-4336).

Note that only systems that have enabled the affected feature by using
the CreateIPPPrinterQueues configuration directive in
/etc/cups/cups-browsed.conf were affected by the CVE-2014-2707 / 
CVE-2014-4336 issue.
                

References

SRPMS

4/core