Your message dated Sun, 25 Jan 2009 11:32:23 +0000
with message-id <E1LR3Dz-0004u4-0e@ries.debian.org>
and subject line Bug#506180: fixed in cups 1.3.9-12
has caused the Debian Bug report #506180,
regarding CVE-2008-5183: daemon crashes when adding more than 100 subscriptions
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)

--
506180: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506180
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: submit@bugs.debian.org
- Subject: CUPS: daemon crashes when adding more than 100 rss subscriptions
- From: Raphael Geissert <atomo64@gmail.com>
- Date: Tue, 18 Nov 2008 21:22:06 -0600
- Message-id: <200811182122.14549.atomo64@gmail.com>
Source: cups
Severity: important
Version: 1.3.7-1
Tags: security

Hi,

An exploit[0][1] has been published for CUPS.

> The daemon crashes when more than 100 RSS Subscriptions are added which has
> been successfully tested on the latest versions of openSuse and Ubuntu
> Desktop at time of writing (11.0 and 8.04.1 respectively). For some reason,
> the user doesn’t need to login to add RSS subscriptions, although
> authentication is required to perform other actions. I’m not sure if this
> bug can lead to remote code execution. Further investigation/gdbing is
> required.

Note: when reproducing it locally in a default Debian setup, I was required to
login before the RSS subscriptions could be added and then crash cupsd.

If you fix the vulnerability please also make sure to include the CVE id when
one is assigned in the changelog entry.

[0]http://www.gnucitizen.org/blog/pwning-ubuntu-via-cups/
[1]http://www.milw0rm.com/exploits/7151

Cheers,
--
Raphael Geissert - Debian Maintainer
www.debian.org - get.debian.net
--- End Message ---
--- Begin Message ---
- To: 506180-close@bugs.debian.org
- Subject: Bug#506180: fixed in cups 1.3.9-12
- From: Till Kamppeter <till.kamppeter@gmail.com>
- Date: Sun, 25 Jan 2009 11:32:23 +0000
- Message-id: <E1LR3Dz-0004u4-0e@ries.debian.org>
Source: cups
Source-Version: 1.3.9-12

We believe that the bug you reported is fixed in the latest version of
cups, which is due to be installed in the Debian FTP archive:

cups-bsd_1.3.9-12_i386.deb
  to pool/main/c/cups/cups-bsd_1.3.9-12_i386.deb
cups-client_1.3.9-12_i386.deb
  to pool/main/c/cups/cups-client_1.3.9-12_i386.deb
cups-common_1.3.9-12_all.deb
  to pool/main/c/cups/cups-common_1.3.9-12_all.deb
cups-dbg_1.3.9-12_i386.deb
  to pool/main/c/cups/cups-dbg_1.3.9-12_i386.deb
cups_1.3.9-12.diff.gz
  to pool/main/c/cups/cups_1.3.9-12.diff.gz
cups_1.3.9-12.dsc
  to pool/main/c/cups/cups_1.3.9-12.dsc
cups_1.3.9-12_i386.deb
  to pool/main/c/cups/cups_1.3.9-12_i386.deb
cupsys-bsd_1.3.9-12_all.deb
  to pool/main/c/cups/cupsys-bsd_1.3.9-12_all.deb
cupsys-client_1.3.9-12_all.deb
  to pool/main/c/cups/cupsys-client_1.3.9-12_all.deb
cupsys-common_1.3.9-12_all.deb
  to pool/main/c/cups/cupsys-common_1.3.9-12_all.deb
cupsys-dbg_1.3.9-12_all.deb
  to pool/main/c/cups/cupsys-dbg_1.3.9-12_all.deb
cupsys_1.3.9-12_all.deb
  to pool/main/c/cups/cupsys_1.3.9-12_all.deb
libcups2-dev_1.3.9-12_i386.deb
  to pool/main/c/cups/libcups2-dev_1.3.9-12_i386.deb
libcups2_1.3.9-12_i386.deb
  to pool/main/c/cups/libcups2_1.3.9-12_i386.deb
libcupsimage2-dev_1.3.9-12_i386.deb
  to pool/main/c/cups/libcupsimage2-dev_1.3.9-12_i386.deb
libcupsimage2_1.3.9-12_i386.deb
  to pool/main/c/cups/libcupsimage2_1.3.9-12_i386.deb
libcupsys2-dev_1.3.9-12_all.deb
  to pool/main/c/cups/libcupsys2-dev_1.3.9-12_all.deb
libcupsys2_1.3.9-12_all.deb
  to pool/main/c/cups/libcupsys2_1.3.9-12_all.deb

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 506180@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Till Kamppeter <till.kamppeter@gmail.com> (supplier of updated cups package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)

Format: 1.8
Date: Sun, 25 Jan 2009 12:05:44 +0100
Source: cups
Binary: libcups2 libcupsimage2 cups cups-client libcups2-dev libcupsimage2-dev cups-bsd cups-common cups-dbg cupsys cupsys-client cupsys-common cupsys-bsd cupsys-dbg libcupsys2 libcupsys2-dev
Architecture: source all i386
Version: 1.3.9-12
Distribution: experimental
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss@lists.ubuntu.com>
Changed-By: Till Kamppeter <till.kamppeter@gmail.com>
Description:
 cups       - Common UNIX Printing System(tm) - server
 cups-bsd   - Common UNIX Printing System(tm) - BSD commands
 cups-client - Common UNIX Printing System(tm) - client programs (SysV)
 cups-common - Common UNIX Printing System(tm) - common files
 cups-dbg   - Common UNIX Printing System(tm) - debugging symbols
 cupsys     - Common UNIX Printing System (transitional package)
 cupsys-bsd - Common UNIX Printing System (transitional package)
 cupsys-client - Common UNIX Printing System (transitional package)
 cupsys-common - Common UNIX Printing System (transitional package)
 cupsys-dbg - Common UNIX Printing System (transitional package)
 libcups2   - Common UNIX Printing System(tm) - libs
 libcups2-dev - Common UNIX Printing System(tm) - development files
 libcupsimage2 - Common UNIX Printing System(tm) - image libs
 libcupsimage2-dev - Common UNIX Printing System(tm) - image development files
 libcupsys2 - Common UNIX Printing System (transitional package)
 libcupsys2-dev - Common UNIX Printing System (transitional package)
Closes: 506180
Changes:
 cups (1.3.9-12) experimental; urgency=low
 .
   [ Till Kamppeter ]
   * debian/local/filters/pdf-filters/pdftopdf/P2PPage.cxx,
     debian/local/filters/pdf-filters/pdftopdf/pdftopdf.cxx: Do not reposition
     the pages when an automatic rotation did not actually take place and do
     not apply the page size and margins from the PPD file or the command
     line if no manipulations affecting the printout size are done (N-up,
     scaling, fitplot, ...). This caused LP: #310575.
   .
   * debian/cups.postinst: Let the PPD files of the existing print queues get
     automatically updated after each installation of this package (if they
     use PPDs of this package).
   .
   [ Marc Deslauriers ]
   * SECURITY UPDATE: denial of service by adding a large number of RSS
     subscriptions (Closes: #506180, LP: #298241)
     - debian/patches/CVE-2008-5183.dpatch: gracefully handle MaxSubscriptions
       being reached in scheduler/{ipp.c,subscriptions.c}
     - CVE-2008-5183
   .
   [ Martin Pitt ]
   * pidfile.dpatch: Adapt to changes from MaxSubscriptions fix from above.
Original-Maintainer: Debian CUPS Maintainers <pkg-cups-devel@lists.alioth.debian.org>
--- End Message ---
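The changelog entry above says the fix makes cupsd handle MaxSubscriptions being reached gracefully. The C model below is added here as an illustration of that defensive pattern and is not taken from CUPS, the Debian patch, or either message: a table add that can fail once the cap is reached, and a request handler that turns that failure into an error status for the client instead of assuming the add succeeded. The type and function names, the status values, and the convention that a cap of 0 means "no cap" are assumptions; the cap of 100 mirrors the "more than 100 subscriptions" figure in the report.

```c
#include <stdlib.h>

/* Constructed model of a capped subscription table; not CUPS source.
 * 100 mirrors the "more than 100 subscriptions" figure from the report. */
#define DEFAULT_MAX_SUBSCRIPTIONS 100

/* Status values modelled loosely on IPP-style results returned to a client. */
enum { STATUS_OK = 0, STATUS_TOO_MANY_SUBSCRIPTIONS = 1, STATUS_NO_MEMORY = 2 };

typedef struct { int id; } subscription_t;

typedef struct {
    subscription_t *items;
    int count;
    int max;      /* cap on live subscriptions; 0 is assumed to mean "no cap" */
    int next_id;
} registry_t;

registry_t *registry_new(int max_subscriptions) {
    registry_t *r = calloc(1, sizeof *r);
    if (r) { r->max = max_subscriptions; r->next_id = 1; }
    return r;
}

/* Table add that can fail: returns NULL when the cap is reached or memory
 * runs out. A caller that assumes success here is the fragile path. */
subscription_t *add_subscription(registry_t *r) {
    if (r->max > 0 && r->count >= r->max)
        return NULL;
    subscription_t *grown = realloc(r->items, (size_t)(r->count + 1) * sizeof *grown);
    if (!grown)
        return NULL;
    r->items = grown;
    r->items[r->count].id = r->next_id++;
    return &r->items[r->count++];
}

/* Request handler, hardened form: check the cap before the add and check the
 * add's result, so a full table yields an error status rather than a crash. */
int handle_create_subscription(registry_t *r, int *id_out) {
    if (r->max > 0 && r->count >= r->max)
        return STATUS_TOO_MANY_SUBSCRIPTIONS;
    subscription_t *s = add_subscription(r);
    if (!s)
        return STATUS_NO_MEMORY;
    *id_out = s->id;
    return STATUS_OK;
}

void registry_free(registry_t *r) { if (r) { free(r->items); free(r); } }
```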