Bug 13216 - cups-filters new security issue CVE-2014-2707
Summary: cups-filters new security issue CVE-2014-2707
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 4
Hardware: i586 Linux
Priority: Normal critical
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL: http://lwn.net/Vulnerabilities/595034/
Whiteboard: has_procedure advisory mga4-32-ok mga...
Keywords: validated_update
Depends on:
Blocks:
 
Reported: 2014-04-15 19:53 CEST by David Walser
Modified: 2014-04-17 22:37 CEST (History)
3 users (show)

See Also:
Source RPM: cups-filters-1.0.41-3.2.mga4.src.rpm
CVE:
Status comment:


Attachments

Description David Walser 2014-04-15 19:53:50 CEST
Fedora has issued an advisory on April 3:
https://lists.fedoraproject.org/pipermail/package-announce/2014-April/131485.html

It was fixed upstream in 1.0.51, so Cauldron is not affected.

Patched package uploaded for Mageia 4.

Advisory:
========================

Updated cups-filters packages fix security vulnerability:

Sebastian Krahmer discovered it was possible to use malicious broadcast
packets to execute arbitrary commands on a server running the cups-browsed
daemon (CVE-2014-2707).

Note that only systems that have enabled the affected feature by using the
CreateIPPPrinterQueues configuration directive in /etc/cups/cups-browsed.conf
are affected.

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2707
https://lists.fedoraproject.org/pipermail/package-announce/2014-April/131485.html
========================

Updated packages in core/updates_testing:
========================
cups-filters-1.0.41-3.3.mga4
libcups-filters1-1.0.41-3.3.mga4
libcups-filters-devel-1.0.41-3.3.mga4

from cups-filters-1.0.41-3.3.mga4.src.rpm

Reproducible: 

Steps to Reproduce:
Comment 1 David Walser 2014-04-15 20:48:36 CEST
Looks like the build system choked.  Subrel incremented, new build submitted.

Advisory:
========================

Updated cups-filters packages fix security vulnerability:

Sebastian Krahmer discovered it was possible to use malicious broadcast
packets to execute arbitrary commands on a server running the cups-browsed
daemon (CVE-2014-2707).

Note that only systems that have enabled the affected feature by using the
CreateIPPPrinterQueues configuration directive in /etc/cups/cups-browsed.conf
are affected.

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2707
https://lists.fedoraproject.org/pipermail/package-announce/2014-April/131485.html
========================

Updated packages in core/updates_testing:
========================
cups-filters-1.0.41-3.4.mga4
libcups-filters1-1.0.41-3.4.mga4
libcups-filters-devel-1.0.41-3.4.mga4

from cups-filters-1.0.41-3.4.mga4.src.rpm
Comment 2 Guillaume 2014-04-16 14:12:19 CEST
I tested it on my i586 setup. The HPlip test page printing is ok. 
Also tested with black and white page & one with colors.
Seems perfectly working for me.

CC: (none) => filorin.mageia

Comment 3 claire robinson 2014-04-16 14:23:28 CEST
Well done Guillaume, adding the OK

Whiteboard: (none) => has_procedure mga4-32-ok

Comment 4 claire robinson 2014-04-16 15:14:22 CEST
No regressions here mga4 64

Whiteboard: has_procedure mga4-32-ok => has_procedure mga4-32-ok mga4-64-ok

Comment 5 claire robinson 2014-04-16 15:17:09 CEST
Advisory uploaded. Validating.

Could sysadmin please push to 4 updates

Thanks

Keywords: (none) => validated_update
Whiteboard: has_procedure mga4-32-ok mga4-64-ok => has_procedure advisory mga4-32-ok mga4-64-ok
CC: (none) => sysadmin-bugs

David Walser 2014-04-16 23:59:46 CEST

URL: (none) => http://lwn.net/Vulnerabilities/595034/

Comment 6 Thomas Backlund 2014-04-17 22:37:29 CEST
Update pushed:
http://advisories.mageia.org/MGASA-2014-0181.html

Status: NEW => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED


Note You need to log in before you can comment on or make changes to this bug.