Bug 13216

Summary: cups-filters new security issue CVE-2014-2707
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: critical    
Priority: Normal CC: filorin, sysadmin-bugs, tmb
Version: 4Keywords: validated_update
Target Milestone: ---   
Hardware: i586   
OS: Linux   
URL: http://lwn.net/Vulnerabilities/595034/
Whiteboard: has_procedure advisory mga4-32-ok mga4-64-ok
Source RPM: cups-filters-1.0.41-3.2.mga4.src.rpm CVE:
Status comment:

Description David Walser 2014-04-15 19:53:50 CEST 
Fedora has issued an advisory on April 3:
https://lists.fedoraproject.org/pipermail/package-announce/2014-April/131485.html

It was fixed upstream in 1.0.51, so Cauldron is not affected.

Patched package uploaded for Mageia 4.

Advisory:
========================

Updated cups-filters packages fix security vulnerability:

Sebastian Krahmer discovered it was possible to use malicious broadcast
packets to execute arbitrary commands on a server running the cups-browsed
daemon (CVE-2014-2707).

Note that only systems that have enabled the affected feature by using the
CreateIPPPrinterQueues configuration directive in /etc/cups/cups-browsed.conf
are affected.

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2707
https://lists.fedoraproject.org/pipermail/package-announce/2014-April/131485.html
========================

Updated packages in core/updates_testing:
========================
cups-filters-1.0.41-3.3.mga4
libcups-filters1-1.0.41-3.3.mga4
libcups-filters-devel-1.0.41-3.3.mga4

from cups-filters-1.0.41-3.3.mga4.src.rpm

Reproducible: 

Steps to Reproduce:
Comment 1 David Walser 2014-04-15 20:48:36 CEST 
Looks like the build system choked.  Subrel incremented, new build submitted.

Advisory:
========================

Updated cups-filters packages fix security vulnerability:

Sebastian Krahmer discovered it was possible to use malicious broadcast
packets to execute arbitrary commands on a server running the cups-browsed
daemon (CVE-2014-2707).

Note that only systems that have enabled the affected feature by using the
CreateIPPPrinterQueues configuration directive in /etc/cups/cups-browsed.conf
are affected.

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2707
https://lists.fedoraproject.org/pipermail/package-announce/2014-April/131485.html
========================

Updated packages in core/updates_testing:
========================
cups-filters-1.0.41-3.4.mga4
libcups-filters1-1.0.41-3.4.mga4
libcups-filters-devel-1.0.41-3.4.mga4

from cups-filters-1.0.41-3.4.mga4.src.rpm
Comment 2 Guillaume 2014-04-16 14:12:19 CEST 
I tested it on my i586 setup. The HPlip test page printing is ok. 
Also tested with black and white page & one with colors.
Seems perfectly working for me.

CC: (none) => filorin.mageia

Comment 3 claire robinson 2014-04-16 14:23:28 CEST 
Well done Guillaume, adding the OK

Whiteboard: (none) => has_procedure mga4-32-ok

Comment 4 claire robinson 2014-04-16 15:14:22 CEST 
No regressions here mga4 64

Whiteboard: has_procedure mga4-32-ok => has_procedure mga4-32-ok mga4-64-ok

Comment 5 claire robinson 2014-04-16 15:17:09 CEST 
Advisory uploaded. Validating.

Could sysadmin please push to 4 updates

Thanks

Keywords: (none) => validated_update
Whiteboard: has_procedure mga4-32-ok mga4-64-ok => has_procedure advisory mga4-32-ok mga4-64-ok
CC: (none) => sysadmin-bugs

David Walser 2014-04-16 23:59:46 CEST

URL: (none) => http://lwn.net/Vulnerabilities/595034/

Comment 6 Thomas Backlund 2014-04-17 22:37:29 CEST 
Update pushed:
http://advisories.mageia.org/MGASA-2014-0181.html

Status: NEW => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED