(RHSA-2005:571) cups security update

2005-07-1400:00:00

access.redhat.com

0.012 Low

EPSS

Percentile

85.5%

JSON

The Common UNIX Printing System (CUPS) provides a portable printing layer for
UNIX® operating systems.

When processing a request, the CUPS scheduler would use case-sensitive
matching on the queue name to decide which authorization policy should be
used. However, queue names are not case-sensitive. An unauthorized user
could print to a password-protected queue without needing a password. The
Common Vulnerabilities and Exposures project has assigned the name
CAN-2005-2154 to this issue.

Please note that the version of CUPS included in Red Hat Enterprise Linux 4
is not vulnerable to this issue.

All users of CUPS should upgrade to these erratum packages which contain a
backported patch to correct this issue.

OSVersionArchitecturePackageVersionFilename
RedHatanyia64cups-libs< 1.1.17-13.3.29cups-libs-1.1.17-13.3.29.ia64.rpm
RedHatanyia64cups-devel< 1.1.17-13.3.29cups-devel-1.1.17-13.3.29.ia64.rpm
RedHatanyi386cups-libs< 1.1.17-13.3.29cups-libs-1.1.17-13.3.29.i386.rpm
RedHatanyia64cups< 1.1.17-13.3.29cups-1.1.17-13.3.29.ia64.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	any	ia64	cups-libs	< 1.1.17-13.3.29	cups-libs-1.1.17-13.3.29.ia64.rpm
RedHat	any	ia64	cups-devel	< 1.1.17-13.3.29	cups-devel-1.1.17-13.3.29.ia64.rpm
RedHat	any	i386	cups-libs	< 1.1.17-13.3.29	cups-libs-1.1.17-13.3.29.i386.rpm
RedHat	any	ia64	cups	< 1.1.17-13.3.29	cups-1.1.17-13.3.29.ia64.rpm

0.012 Low

EPSS

Percentile

85.5%

JSON

Related for RHSA-2005:571