In association with heise online

17 April 2009, 12:13

CUPS update closes security holes

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Version 1.3.10 of the CUPS printer service closes three security weaknesses in addition to fixing a large number of bugs. With some processing of TIFF and PNG images it is possible to cause a buffer overflow. According to the bug reportThe TIFF overflow, at least, can be exploited with manipulated image files.

The other security fix in the release protects the print service from DNS rebinding attacks. This was resolved by adding extra HTTP header validation. Linux distributions are already distributing updated packages of the Apple developed software.

See also:

(djwm)

Print Version | Send by email | Permalink: http://h-online.com/-741205
 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit