Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 553644 (CVE-2015-3258)

Summary: <net-print/cups-filters-1.0.70: remote code execution (CVE-2015-3258)
Product: Gentoo Security Reporter: Sam James <sam>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: printing
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://www.openwall.com/lists/oss-security/2015/06/26/4
Whiteboard: B2 [glsa cve]
Package list:
Runtime testing required: ---

Description Sam James archtester Gentoo Infrastructure gentoo-dev Security 2015-06-30 13:53:51 UTC 
From URL:
----
A heap-based buffer overflow was discovered in the way the texttopdf
utility of cups-filters processed print jobs with a specially crafted
line size. An attacker being able to submit print jobs could exploit
this flaw to crash texttopdf or, possibly, execute arbitrary code.

This was discovered by Petr Sklenar of Red Hat.

This is fixed in cups-filters 1.0.70.
----
http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7363
https://bugzilla.redhat.com/show_bug.cgi?id=1235385

The patch linked above is potentially incomplete, so it should not be used for now (http://www.openwall.com/lists/oss-security/2015/06/26/6).

1.0.66 (stable) and 1.0.68 (unstable) both need to be purged from the tree, as they are both vulnerable.

Maintainers, please purge the two vulnerable versions and import 1.0.70. Thanks.

Reproducible: Always
Comment 1 Andreas K. Hüttel archtester gentoo-dev 2015-06-30 14:32:48 UTC 
Arches please test (has only just been bumped) and stabilize:

net-print/cups-filters-1.0.70

Target: all stable arches
Comment 2 Agostino Sarubbo gentoo-dev 2015-06-30 15:43:54 UTC 
amd64 stable
Comment 3 Agostino Sarubbo gentoo-dev 2015-06-30 15:44:07 UTC 
x86 stable
Comment 4 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2015-07-01 08:54:53 UTC 
arm stable
Comment 5 Jeroen Roovers (RETIRED) gentoo-dev 2015-07-02 04:17:34 UTC 
Stable for HPPA PPC64.
Comment 6 Kristian Fiskerstrand (RETIRED) gentoo-dev 2015-07-03 10:03:08 UTC 
This issue turned out to be an incomplete fix, see more details in bug 553836
Comment 7 GLSAMaker/CVETool Bot gentoo-dev 2015-07-06 12:30:29 UTC 
CVE-2015-3258 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3258):
  ** RESERVED ** This candidate has been reserved by an organization or
  individual that will use it when announcing a new security problem. When the
  candidate has been publicized, the details for this candidate will be
  provided.
  
  ** TEMPORARY **
  A heap-based buffer overflow was discovered in the way the texttopdf
  utility of cups-filters processed print jobs with a specially crafted
  line size. An attacker being able to submit print jobs could exploit
  this flaw to crash texttopdf or, possibly, execute arbitrary code.
Comment 8 Yury German Gentoo Infrastructure gentoo-dev 2015-08-10 22:37:40 UTC 
Maintainer(s), Thank you for you for cleanup.
New GLSA Request filed.

Maintainer(s), please drop the vulnerable version(s).
Comment 9 Manuel Rüger (RETIRED) gentoo-dev 2015-08-27 18:11:52 UTC 
Cleanup done.
Comment 10 GLSAMaker/CVETool Bot gentoo-dev 2015-10-31 15:35:22 UTC 
This issue was resolved and addressed in
 GLSA 201510-08 at https://security.gentoo.org/glsa/201510-08
by GLSA coordinator Kristian Fiskerstrand (K_F).