Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 508844 - <net-print/cups-filters-1.0.53: inadequate fix for CVE-2014-2707 (CVE-2014-{4336,4337,4338})
Summary: <net-print/cups-filters-1.0.53: inadequate fix for CVE-2014-2707 (CVE-2014-{4...
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
Whiteboard: B2 [glsa]
Depends on:
Reported: 2014-04-27 09:10 UTC by Agostino Sarubbo
Modified: 2015-01-04 13:10 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2014-04-27 09:10:52 UTC
From ${URL} :

According to Sebastian Krahmer, the initial fix for CVE-2014-2707 (bug #1083326) is incomplete:

This issue was reported as fixed in 1.0.51:

but it was found that the fix was incomplete with the full fix in 1.0.53:

The CVE-2014-2707 flaw is regarding the cups-browsed daemon being manipulated to execute arbitrary 
commands via malicious broadcast packets.

@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 Andreas K. Hüttel archtester gentoo-dev 2014-04-27 12:15:23 UTC
Arches please test and stabilize net-print/cups-1.0.53
Target: all stable arches
Comment 2 Jeroen Roovers (RETIRED) gentoo-dev 2014-04-27 13:47:20 UTC
Stable for HPPA.
Comment 3 Yury German Gentoo Infrastructure gentoo-dev 2014-04-27 14:25:47 UTC
Arches, please test and mark stable:


Target Keywords : "alpha amd64 arm hppa ia64 ppc ppc64 spark x86"

Thank you!
Comment 4 Agostino Sarubbo gentoo-dev 2014-04-30 13:59:53 UTC
amd64 stable
Comment 5 Agostino Sarubbo gentoo-dev 2014-04-30 14:21:28 UTC
x86 stable
Comment 6 Markus Meier gentoo-dev 2014-05-03 14:16:48 UTC
arm stable
Comment 7 Agostino Sarubbo gentoo-dev 2014-05-10 14:02:29 UTC
ppc stable
Comment 8 Agostino Sarubbo gentoo-dev 2014-05-11 08:05:47 UTC
ppc64 stable
Comment 9 Agostino Sarubbo gentoo-dev 2014-05-13 15:21:50 UTC
ia64 stable
Comment 10 Agostino Sarubbo gentoo-dev 2014-05-14 16:11:58 UTC
sparc stable
Comment 11 Agostino Sarubbo gentoo-dev 2014-05-17 13:51:07 UTC
alpha stable.

Maintainer(s), please cleanup.
Security, please add it to the existing request, or file a new one.
Comment 12 Andreas K. Hüttel archtester gentoo-dev 2014-05-24 20:34:37 UTC
All vulnerable versions removed.
Comment 13 Yury German Gentoo Infrastructure gentoo-dev 2014-06-16 04:59:24 UTC
Arches and Maintainer(s), Thank you for your work.

New GLSA Request filed.
Comment 14 GLSAMaker/CVETool Bot gentoo-dev 2014-06-16 18:15:17 UTC
This issue was resolved and addressed in
 GLSA 201406-16 at
by GLSA coordinator Mikle Kolyada (Zlogene).
Comment 15 GLSAMaker/CVETool Bot gentoo-dev 2015-01-04 13:10:41 UTC
CVE-2014-4338 (
  cups-browsed in cups-filters before 1.0.53 allows remote attackers to bypass
  intended access restrictions in opportunistic circumstances by leveraging a
  malformed cups-browsed.conf BrowseAllow directive that is interpreted as
  granting browse access to all IP addresses.

CVE-2014-4337 (
  The process_browse_data function in utils/cups-browsed.c in cups-browsed in
  cups-filters before 1.0.53 allows remote attackers to cause a denial of
  service (out-of-bounds read and application crash) via crafted packet data.

CVE-2014-4336 (
  The generate_local_queue function in utils/cups-browsed.c in cups-browsed in
  cups-filters before 1.0.53 allows remote IPP printers to execute arbitrary
  commands via shell metacharacters in the host name.  NOTE: this
  vulnerability exists because of an incomplete fix for CVE-2014-2707.