Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 553644 (CVE-2015-3258) - <net-print/cups-filters-1.0.70: remote code execution (CVE-2015-3258)
Summary: <net-print/cups-filters-1.0.70: remote code execution (CVE-2015-3258)
Status: RESOLVED FIXED
Alias: CVE-2015-3258
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: http://www.openwall.com/lists/oss-sec...
Whiteboard: B2 [glsa cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2015-06-30 13:53 UTC by Sam James
Modified: 2015-10-31 15:35 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Sam James archtester gentoo-dev Security 2015-06-30 13:53:51 UTC
From URL:
----
A heap-based buffer overflow was discovered in the way the texttopdf
utility of cups-filters processed print jobs with a specially crafted
line size. An attacker being able to submit print jobs could exploit
this flaw to crash texttopdf or, possibly, execute arbitrary code.

This was discovered by Petr Sklenar of Red Hat.

This is fixed in cups-filters 1.0.70.
----
http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7363
https://bugzilla.redhat.com/show_bug.cgi?id=1235385

The patch linked above is potentially incomplete, so it should not be used for now (http://www.openwall.com/lists/oss-security/2015/06/26/6).

1.0.66 (stable) and 1.0.68 (unstable) both need to be purged from the tree, as they are both vulnerable.

Maintainers, please purge the two vulnerable versions and import 1.0.70. Thanks.

Reproducible: Always
Comment 1 Andreas K. Hüttel archtester gentoo-dev 2015-06-30 14:32:48 UTC
Arches please test (has only just been bumped) and stabilize:

net-print/cups-filters-1.0.70

Target: all stable arches
Comment 2 Agostino Sarubbo gentoo-dev 2015-06-30 15:43:54 UTC
amd64 stable
Comment 3 Agostino Sarubbo gentoo-dev 2015-06-30 15:44:07 UTC
x86 stable
Comment 4 Mikle Kolyada archtester Gentoo Infrastructure gentoo-dev Security 2015-07-01 08:54:53 UTC
arm stable
Comment 5 Jeroen Roovers (RETIRED) gentoo-dev 2015-07-02 04:17:34 UTC
Stable for HPPA PPC64.
Comment 6 Kristian Fiskerstrand (RETIRED) gentoo-dev 2015-07-03 10:03:08 UTC
This issue turned out to be an incomplete fix, see more details in bug 553836
Comment 7 GLSAMaker/CVETool Bot gentoo-dev 2015-07-06 12:30:29 UTC
CVE-2015-3258 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3258):
  ** RESERVED ** This candidate has been reserved by an organization or
  individual that will use it when announcing a new security problem. When the
  candidate has been publicized, the details for this candidate will be
  provided.
  
  ** TEMPORARY **
  A heap-based buffer overflow was discovered in the way the texttopdf
  utility of cups-filters processed print jobs with a specially crafted
  line size. An attacker being able to submit print jobs could exploit
  this flaw to crash texttopdf or, possibly, execute arbitrary code.
Comment 8 Yury German Gentoo Infrastructure gentoo-dev 2015-08-10 22:37:40 UTC
Maintainer(s), Thank you for you for cleanup.
New GLSA Request filed.

Maintainer(s), please drop the vulnerable version(s).
Comment 9 Manuel Rüger (RETIRED) gentoo-dev 2015-08-27 18:11:52 UTC
Cleanup done.
Comment 10 GLSAMaker/CVETool Bot gentoo-dev 2015-10-31 15:35:22 UTC
This issue was resolved and addressed in
 GLSA 201510-08 at https://security.gentoo.org/glsa/201510-08
by GLSA coordinator Kristian Fiskerstrand (K_F).