cups-2.1.3-2.3 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:10075 Final 1 1 2024-06-17T21:45:33Z current 2024-06-17T21:45:33Z 2024-06-17T21:45:33Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z cups-2.1.3-2.3 on GA media These are all security issues fixed in the cups-2.1.3-2.3 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-10075 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) E-Mail link for openSUSE-SU-2024:10075 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2009-0163/ SUSE CVE CVE-2009-0163 page https://www.suse.com/security/cve/CVE-2009-2820/ SUSE CVE CVE-2009-2820 page https://www.suse.com/security/cve/CVE-2009-3553/ SUSE CVE CVE-2009-3553 page https://www.suse.com/security/cve/CVE-2010-0393/ SUSE CVE CVE-2010-0393 page https://www.suse.com/security/cve/CVE-2010-0540/ SUSE CVE CVE-2010-0540 page https://www.suse.com/security/cve/CVE-2010-0542/ SUSE CVE CVE-2010-0542 page https://www.suse.com/security/cve/CVE-2010-1748/ SUSE CVE CVE-2010-1748 page https://www.suse.com/security/cve/CVE-2010-2941/ SUSE CVE CVE-2010-2941 page https://www.suse.com/security/cve/CVE-2012-5519/ SUSE CVE CVE-2012-5519 page https://www.suse.com/security/cve/CVE-2012-6094/ SUSE CVE CVE-2012-6094 page https://www.suse.com/security/cve/CVE-2014-2856/ SUSE CVE CVE-2014-2856 page https://www.suse.com/security/cve/CVE-2014-3537/ SUSE CVE CVE-2014-3537 page https://www.suse.com/security/cve/CVE-2014-5029/ SUSE CVE CVE-2014-5029 page https://www.suse.com/security/cve/CVE-2014-5030/ SUSE CVE CVE-2014-5030 page https://www.suse.com/security/cve/CVE-2014-5031/ SUSE CVE CVE-2014-5031 page https://www.suse.com/security/cve/CVE-2015-1158/ SUSE CVE CVE-2015-1158 page https://www.suse.com/security/cve/CVE-2015-1159/ SUSE CVE CVE-2015-1159 page openSUSE Tumbleweed cups-2.1.3-2.3 cups-client-2.1.3-2.3 cups-ddk-2.1.3-2.3 cups-devel-2.1.3-2.3 cups-devel-32bit-2.1.3-2.3 cups-libs-2.1.3-2.3 cups-libs-32bit-2.1.3-2.3 cups-2.1.3-2.3 as a component of openSUSE Tumbleweed cups-client-2.1.3-2.3 as a component of openSUSE Tumbleweed cups-ddk-2.1.3-2.3 as a component of openSUSE Tumbleweed cups-devel-2.1.3-2.3 as a component of openSUSE Tumbleweed cups-devel-32bit-2.1.3-2.3 as a component of openSUSE Tumbleweed cups-libs-2.1.3-2.3 as a component of openSUSE Tumbleweed cups-libs-32bit-2.1.3-2.3 as a component of openSUSE Tumbleweed Integer overflow in the TIFF image decoding routines in CUPS 1.3.9 and earlier allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a crafted TIFF image, which is not properly handled by the (1) _cupsImageReadTIFF function in the imagetops filter and (2) imagetoraster filter, leading to a heap-based buffer overflow. CVE-2009-0163 openSUSE Tumbleweed:cups-2.1.3-2.3 openSUSE Tumbleweed:cups-client-2.1.3-2.3 openSUSE Tumbleweed:cups-ddk-2.1.3-2.3 openSUSE Tumbleweed:cups-devel-2.1.3-2.3 openSUSE Tumbleweed:cups-devel-32bit-2.1.3-2.3 openSUSE Tumbleweed:cups-libs-2.1.3-2.3 openSUSE Tumbleweed:cups-libs-32bit-2.1.3-2.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2009-0163.html CVE-2009-0163 https://bugzilla.suse.com/485895 SUSE Bug 485895 The web interface in CUPS before 1.4.2, as used on Apple Mac OS X before 10.6.2 and other platforms, does not properly handle (1) HTTP headers and (2) HTML templates, which allows remote attackers to conduct cross-site scripting (XSS) attacks and HTTP response splitting attacks via vectors related to (a) the product's web interface, (b) the configuration of the print system, and (c) the titles of printed jobs, as demonstrated by an XSS attack that uses the kerberos parameter to the admin program, and leverages attribute injection and HTTP Parameter Pollution (HPP) issues. CVE-2009-2820 openSUSE Tumbleweed:cups-2.1.3-2.3 openSUSE Tumbleweed:cups-client-2.1.3-2.3 openSUSE Tumbleweed:cups-ddk-2.1.3-2.3 openSUSE Tumbleweed:cups-devel-2.1.3-2.3 openSUSE Tumbleweed:cups-devel-32bit-2.1.3-2.3 openSUSE Tumbleweed:cups-libs-2.1.3-2.3 openSUSE Tumbleweed:cups-libs-32bit-2.1.3-2.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2009-2820.html CVE-2009-2820 https://bugzilla.suse.com/548317 SUSE Bug 548317 https://bugzilla.suse.com/551563 SUSE Bug 551563 https://bugzilla.suse.com/574336 SUSE Bug 574336 Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS 1.3.7 and 1.3.10 allows remote attackers to cause a denial of service (daemon crash or hang) via a client disconnection during listing of a large number of print jobs, related to improperly maintaining a reference count. NOTE: some of these details are obtained from third party information. CVE-2009-3553 openSUSE Tumbleweed:cups-2.1.3-2.3 openSUSE Tumbleweed:cups-client-2.1.3-2.3 openSUSE Tumbleweed:cups-ddk-2.1.3-2.3 openSUSE Tumbleweed:cups-devel-2.1.3-2.3 openSUSE Tumbleweed:cups-devel-32bit-2.1.3-2.3 openSUSE Tumbleweed:cups-libs-2.1.3-2.3 openSUSE Tumbleweed:cups-libs-32bit-2.1.3-2.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2009-3553.html CVE-2009-3553 https://bugzilla.suse.com/554861 SUSE Bug 554861 https://bugzilla.suse.com/574336 SUSE Bug 574336 https://bugzilla.suse.com/578215 SUSE Bug 578215 The _cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable to determine the file that provides localized message strings, which allows local users to gain privileges via a file that contains crafted localization data with format string specifiers. CVE-2010-0393 openSUSE Tumbleweed:cups-2.1.3-2.3 openSUSE Tumbleweed:cups-client-2.1.3-2.3 openSUSE Tumbleweed:cups-ddk-2.1.3-2.3 openSUSE Tumbleweed:cups-devel-2.1.3-2.3 openSUSE Tumbleweed:cups-devel-32bit-2.1.3-2.3 openSUSE Tumbleweed:cups-libs-2.1.3-2.3 openSUSE Tumbleweed:cups-libs-32bit-2.1.3-2.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2010-0393.html CVE-2010-0393 https://bugzilla.suse.com/574336 SUSE Bug 574336 Cross-site request forgery (CSRF) vulnerability in the web interface in CUPS before 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6 before 10.6.4, and other platforms, allows remote attackers to hijack the authentication of administrators for requests that change settings. CVE-2010-0540 openSUSE Tumbleweed:cups-2.1.3-2.3 openSUSE Tumbleweed:cups-client-2.1.3-2.3 openSUSE Tumbleweed:cups-ddk-2.1.3-2.3 openSUSE Tumbleweed:cups-devel-2.1.3-2.3 openSUSE Tumbleweed:cups-devel-32bit-2.1.3-2.3 openSUSE Tumbleweed:cups-libs-2.1.3-2.3 openSUSE Tumbleweed:cups-libs-32bit-2.1.3-2.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2010-0540.html CVE-2010-0540 https://bugzilla.suse.com/601830 SUSE Bug 601830 https://bugzilla.suse.com/671735 SUSE Bug 671735 https://bugzilla.suse.com/680210 SUSE Bug 680210 https://bugzilla.suse.com/680212 SUSE Bug 680212 https://bugzilla.suse.com/700987 SUSE Bug 700987 https://bugzilla.suse.com/711490 SUSE Bug 711490 https://bugzilla.suse.com/715643 SUSE Bug 715643 https://bugzilla.suse.com/748422 SUSE Bug 748422 The _WriteProlog function in texttops.c in texttops in the Text Filter subsystem in CUPS before 1.4.4 does not check the return values of certain calloc calls, which allows remote attackers to cause a denial of service (NULL pointer dereference or heap memory corruption) or possibly execute arbitrary code via a crafted file. CVE-2010-0542 openSUSE Tumbleweed:cups-2.1.3-2.3 openSUSE Tumbleweed:cups-client-2.1.3-2.3 openSUSE Tumbleweed:cups-ddk-2.1.3-2.3 openSUSE Tumbleweed:cups-devel-2.1.3-2.3 openSUSE Tumbleweed:cups-devel-32bit-2.1.3-2.3 openSUSE Tumbleweed:cups-libs-2.1.3-2.3 openSUSE Tumbleweed:cups-libs-32bit-2.1.3-2.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2010-0542.html CVE-2010-0542 https://bugzilla.suse.com/601352 SUSE Bug 601352 https://bugzilla.suse.com/644521 SUSE Bug 644521 https://bugzilla.suse.com/657780 SUSE Bug 657780 The cgi_initialize_string function in cgi-bin/var.c in the web interface in CUPS before 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6 before 10.6.4, and other platforms, does not properly handle parameter values containing a % (percent) character without two subsequent hex characters, which allows context-dependent attackers to obtain sensitive information from cupsd process memory via a crafted request, as demonstrated by the (1) /admin?OP=redirect&URL=% and (2) /admin?URL=/admin/&OP=% URIs. CVE-2010-1748 openSUSE Tumbleweed:cups-2.1.3-2.3 openSUSE Tumbleweed:cups-client-2.1.3-2.3 openSUSE Tumbleweed:cups-ddk-2.1.3-2.3 openSUSE Tumbleweed:cups-devel-2.1.3-2.3 openSUSE Tumbleweed:cups-devel-32bit-2.1.3-2.3 openSUSE Tumbleweed:cups-libs-2.1.3-2.3 openSUSE Tumbleweed:cups-libs-32bit-2.1.3-2.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2010-1748.html CVE-2010-1748 https://bugzilla.suse.com/601352 SUSE Bug 601352 https://bugzilla.suse.com/604271 SUSE Bug 604271 https://bugzilla.suse.com/644521 SUSE Bug 644521 https://bugzilla.suse.com/649256 SUSE Bug 649256 https://bugzilla.suse.com/657780 SUSE Bug 657780 ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request. CVE-2010-2941 openSUSE Tumbleweed:cups-2.1.3-2.3 openSUSE Tumbleweed:cups-client-2.1.3-2.3 openSUSE Tumbleweed:cups-ddk-2.1.3-2.3 openSUSE Tumbleweed:cups-devel-2.1.3-2.3 openSUSE Tumbleweed:cups-devel-32bit-2.1.3-2.3 openSUSE Tumbleweed:cups-libs-2.1.3-2.3 openSUSE Tumbleweed:cups-libs-32bit-2.1.3-2.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2010-2941.html CVE-2010-2941 https://bugzilla.suse.com/649256 SUSE Bug 649256 https://bugzilla.suse.com/654627 SUSE Bug 654627 CUPS 1.4.4, when running in certain Linux distributions such as Debian GNU/Linux, stores the web interface administrator key in /var/run/cups/certs/0 using certain permissions, which allows local users in the lpadmin group to read or write arbitrary files as root by leveraging the web interface. CVE-2012-5519 openSUSE Tumbleweed:cups-2.1.3-2.3 openSUSE Tumbleweed:cups-client-2.1.3-2.3 openSUSE Tumbleweed:cups-ddk-2.1.3-2.3 openSUSE Tumbleweed:cups-devel-2.1.3-2.3 openSUSE Tumbleweed:cups-devel-32bit-2.1.3-2.3 openSUSE Tumbleweed:cups-libs-2.1.3-2.3 openSUSE Tumbleweed:cups-libs-32bit-2.1.3-2.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-5519.html CVE-2012-5519 https://bugzilla.suse.com/1180148 SUSE Bug 1180148 https://bugzilla.suse.com/789566 SUSE Bug 789566 https://bugzilla.suse.com/882905 SUSE Bug 882905 https://bugzilla.suse.com/924208 SUSE Bug 924208 cups (Common Unix Printing System) 'Listen localhost:631' option not honored correctly which could provide unauthorized access to the system CVE-2012-6094 openSUSE Tumbleweed:cups-2.1.3-2.3 openSUSE Tumbleweed:cups-client-2.1.3-2.3 openSUSE Tumbleweed:cups-ddk-2.1.3-2.3 openSUSE Tumbleweed:cups-devel-2.1.3-2.3 openSUSE Tumbleweed:cups-devel-32bit-2.1.3-2.3 openSUSE Tumbleweed:cups-libs-2.1.3-2.3 openSUSE Tumbleweed:cups-libs-32bit-2.1.3-2.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-6094.html CVE-2012-6094 https://bugzilla.suse.com/795624 SUSE Bug 795624 https://bugzilla.suse.com/857372 SUSE Bug 857372 Cross-site scripting (XSS) vulnerability in scheduler/client.c in Common Unix Printing System (CUPS) before 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the URL path, related to the is_path_absolute function. CVE-2014-2856 openSUSE Tumbleweed:cups-2.1.3-2.3 openSUSE Tumbleweed:cups-client-2.1.3-2.3 openSUSE Tumbleweed:cups-ddk-2.1.3-2.3 openSUSE Tumbleweed:cups-devel-2.1.3-2.3 openSUSE Tumbleweed:cups-devel-32bit-2.1.3-2.3 openSUSE Tumbleweed:cups-libs-2.1.3-2.3 openSUSE Tumbleweed:cups-libs-32bit-2.1.3-2.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-2856.html CVE-2014-2856 https://bugzilla.suse.com/873899 SUSE Bug 873899 The web interface in CUPS before 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/. CVE-2014-3537 openSUSE Tumbleweed:cups-2.1.3-2.3 openSUSE Tumbleweed:cups-client-2.1.3-2.3 openSUSE Tumbleweed:cups-ddk-2.1.3-2.3 openSUSE Tumbleweed:cups-devel-2.1.3-2.3 openSUSE Tumbleweed:cups-devel-32bit-2.1.3-2.3 openSUSE Tumbleweed:cups-libs-2.1.3-2.3 openSUSE Tumbleweed:cups-libs-32bit-2.1.3-2.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-3537.html CVE-2014-3537 https://bugzilla.suse.com/887240 SUSE Bug 887240 The web interface in CUPS 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/ and language[0] set to null. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3537. CVE-2014-5029 openSUSE Tumbleweed:cups-2.1.3-2.3 openSUSE Tumbleweed:cups-client-2.1.3-2.3 openSUSE Tumbleweed:cups-ddk-2.1.3-2.3 openSUSE Tumbleweed:cups-devel-2.1.3-2.3 openSUSE Tumbleweed:cups-devel-32bit-2.1.3-2.3 openSUSE Tumbleweed:cups-libs-2.1.3-2.3 openSUSE Tumbleweed:cups-libs-32bit-2.1.3-2.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-5029.html CVE-2014-5029 https://bugzilla.suse.com/887240 SUSE Bug 887240 CUPS before 2.0 allows local users to read arbitrary files via a symlink attack on (1) index.html, (2) index.class, (3) index.pl, (4) index.php, (5) index.pyc, or (6) index.py. CVE-2014-5030 openSUSE Tumbleweed:cups-2.1.3-2.3 openSUSE Tumbleweed:cups-client-2.1.3-2.3 openSUSE Tumbleweed:cups-ddk-2.1.3-2.3 openSUSE Tumbleweed:cups-devel-2.1.3-2.3 openSUSE Tumbleweed:cups-devel-32bit-2.1.3-2.3 openSUSE Tumbleweed:cups-libs-2.1.3-2.3 openSUSE Tumbleweed:cups-libs-32bit-2.1.3-2.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-5030.html CVE-2014-5030 https://bugzilla.suse.com/887240 SUSE Bug 887240 The web interface in CUPS before 2.0 does not check that files have world-readable permissions, which allows remote attackers to obtains sensitive information via unspecified vectors. CVE-2014-5031 openSUSE Tumbleweed:cups-2.1.3-2.3 openSUSE Tumbleweed:cups-client-2.1.3-2.3 openSUSE Tumbleweed:cups-ddk-2.1.3-2.3 openSUSE Tumbleweed:cups-devel-2.1.3-2.3 openSUSE Tumbleweed:cups-devel-32bit-2.1.3-2.3 openSUSE Tumbleweed:cups-libs-2.1.3-2.3 openSUSE Tumbleweed:cups-libs-32bit-2.1.3-2.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-5031.html CVE-2014-5031 https://bugzilla.suse.com/887240 SUSE Bug 887240 The add_job function in scheduler/ipp.c in cupsd in CUPS before 2.0.3 performs incorrect free operations for multiple-value job-originating-host-name attributes, which allows remote attackers to trigger data corruption for reference-counted strings via a crafted (1) IPP_CREATE_JOB or (2) IPP_PRINT_JOB request, as demonstrated by replacing the configuration file and consequently executing arbitrary code. CVE-2015-1158 openSUSE Tumbleweed:cups-2.1.3-2.3 openSUSE Tumbleweed:cups-client-2.1.3-2.3 openSUSE Tumbleweed:cups-ddk-2.1.3-2.3 openSUSE Tumbleweed:cups-devel-2.1.3-2.3 openSUSE Tumbleweed:cups-devel-32bit-2.1.3-2.3 openSUSE Tumbleweed:cups-libs-2.1.3-2.3 openSUSE Tumbleweed:cups-libs-32bit-2.1.3-2.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1158.html CVE-2015-1158 https://bugzilla.suse.com/924208 SUSE Bug 924208 https://bugzilla.suse.com/976653 SUSE Bug 976653 Cross-site scripting (XSS) vulnerability in the cgi_puts function in cgi-bin/template.c in the template engine in CUPS before 2.0.3 allows remote attackers to inject arbitrary web script or HTML via the QUERY parameter to help/. CVE-2015-1159 openSUSE Tumbleweed:cups-2.1.3-2.3 openSUSE Tumbleweed:cups-client-2.1.3-2.3 openSUSE Tumbleweed:cups-ddk-2.1.3-2.3 openSUSE Tumbleweed:cups-devel-2.1.3-2.3 openSUSE Tumbleweed:cups-devel-32bit-2.1.3-2.3 openSUSE Tumbleweed:cups-libs-2.1.3-2.3 openSUSE Tumbleweed:cups-libs-32bit-2.1.3-2.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1159.html CVE-2015-1159 https://bugzilla.suse.com/924208 SUSE Bug 924208 https://bugzilla.suse.com/976653 SUSE Bug 976653