[UCI-Linux] [SECURITY] Fedora Core 2 Update: foomatic-3.0.1-3.1

Mike Iglesias IGLESIAS at uci.edu
Wed Sep 22 08:37:01 PDT 2004

Date: Tue, 21 Sep 2004 18:07:29 -0400
From: Josh Bressers <bressers at redhat.com>
To: fedora-announce-list at redhat.com
Subject: [SECURITY] Fedora Core 2 Update: foomatic-3.0.1-3.1

Fedora Update Notification

Product     : Fedora Core 2
Name        : foomatic
Version     : 3.0.1                      
Release     : 3.1                  
Summary     : Foomatic printer database.
Description :
Foomatic is a comprehensive, spooler-independent database of printers,
printer drivers, and driver descriptions. It contains utilities to
generate driver description files and printer queues for CUPS, LPD,
LPRng, and PDQ using the database. There is also the possibility to
read the PJL options out of PJL-capable laser printers and take them
into account at the driver description file generation.

There are spooler-independent command line interfaces to manipulate
queues (foomatic-configure) and to print files/manipulate jobs
(foomatic printjob).

The site http://www.linuxprinting.org/ is based on this database.

Update Information:

Sebastian Krahmer reported a bug in the cupsomatic and foomatic-rip print
filters, used by the CUPS print spooler. An attacker who has printing
access could send a carefully named file to the print server causing
arbitrary commands to be executed as root. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2004-0801 to
this issue.

* Fri Sep 10 2004 Tim Waugh <twaugh at redhat.com> 3.0.1-3.1

- Fix security issue (CAN-2004-0801, bug #130951).  Patch from Till

This update can be downloaded from:

cab9692a6b2b0161f73b1b9039c6f491  SRPMS/foomatic-3.0.1-3.1.src.rpm
46227411cf108d7436169f198514aca0  x86_64/foomatic-3.0.1-3.1.x86_64.rpm
ea451e8bd0b25fbcd5d22faad369a4fb  x86_64/debug/foomatic-debuginfo-3.0.1-3.1.x86_64.rpm
571e627239ed4bb5c53d7298f54a56de  i386/foomatic-3.0.1-3.1.i386.rpm
7eac2a20ce6fd91a7be07c9b797d3fc6  i386/debug/foomatic-debuginfo-3.0.1-3.1.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  

fedora-announce-list mailing list
fedora-announce-list at redhat.com

More information about the UCI-Linux mailing list