Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2015-2360)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.122745

Categoría: Oracle Linux Local Security Checks

Título: Oracle: Security Advisory (ELSA-2015-2360)

Resumen: The remote host is missing an update for the 'cups-filters' package(s) announced via the ELSA-2015-2360 advisory.

Descripción: Summary:
The remote host is missing an update for the 'cups-filters' package(s) announced via the ELSA-2015-2360 advisory.

Vulnerability Insight:
[1.0.35-21]
- Fix heap-based buffer overflow in texttopdf filter (bug #1241242,
CVE-2015-3258, CVE-2015-3279).

[1.0.35-20]
- Improvements to cups-browsed efficiency patch (bug #1191691).

[1.0.35-18]
- Fix segfault in texttopdf filter (bug #1194263).
- Improve cups-browsed efficiency (bug #1191691).
- Fetch printer descriptions with cups-browsed (bug #1223719).
- Fix cups-browsed '_' handling for printer names (bug #1167408).

[1.0.35-17]
- Build against newer poppler (bug #1217552).

[1.0.35-16]
- Applied upstream patch to fix BrowseAllow parsing issue
(CVE-2014-4338, bug #1091568).
- Applied upstream patch for cups-browsed DoS via
process_browse_data() out-of-bounds read (CVE-2014-4337,
bug #1111510).

Affected Software/OS:
'cups-filters' package(s) on Oracle Linux 7.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2015-3258
75436
http://www.securityfocus.com/bid/75436
DSA-3303
http://www.debian.org/security/2015/dsa-3303
GLSA-201510-08
https://security.gentoo.org/glsa/201510-08
RHSA-2015:2360
http://rhn.redhat.com/errata/RHSA-2015-2360.html
USN-2659-1
http://ubuntu.com/usn/usn-2659-1
[oss-security] 20150626 CVE-2015-3258 cups-filters: texttopdf heap-based buffer overflow
http://www.openwall.com/lists/oss-security/2015/06/26/4
http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7363
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
https://bugzilla.redhat.com/show_bug.cgi?id=1235385
openSUSE-SU-2015:1244
http://lists.opensuse.org/opensuse-updates/2015-07/msg00033.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-3279
BugTraq ID: 75557
http://www.securityfocus.com/bid/75557
Debian Security Information: DSA-3303 (Google Search)
http://www.openwall.com/lists/oss-security/2015/07/03/2
http://www.openwall.com/lists/oss-security/2015/07/03/5
RedHat Security Advisories: RHSA-2015:2360
SuSE Security Announcement: openSUSE-SU-2015:1244 (Google Search)

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.122745
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2015-2360)
Resumen:	The remote host is missing an update for the 'cups-filters' package(s) announced via the ELSA-2015-2360 advisory.
Descripción:	Summary: The remote host is missing an update for the 'cups-filters' package(s) announced via the ELSA-2015-2360 advisory. Vulnerability Insight: [1.0.35-21] - Fix heap-based buffer overflow in texttopdf filter (bug #1241242, CVE-2015-3258, CVE-2015-3279). [1.0.35-20] - Improvements to cups-browsed efficiency patch (bug #1191691). [1.0.35-18] - Fix segfault in texttopdf filter (bug #1194263). - Improve cups-browsed efficiency (bug #1191691). - Fetch printer descriptions with cups-browsed (bug #1223719). - Fix cups-browsed '_' handling for printer names (bug #1167408). [1.0.35-17] - Build against newer poppler (bug #1217552). [1.0.35-16] - Applied upstream patch to fix BrowseAllow parsing issue (CVE-2014-4338, bug #1091568). - Applied upstream patch for cups-browsed DoS via process_browse_data() out-of-bounds read (CVE-2014-4337, bug #1111510). Affected Software/OS: 'cups-filters' package(s) on Oracle Linux 7. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-3258 75436 http://www.securityfocus.com/bid/75436 DSA-3303 http://www.debian.org/security/2015/dsa-3303 GLSA-201510-08 https://security.gentoo.org/glsa/201510-08 RHSA-2015:2360 http://rhn.redhat.com/errata/RHSA-2015-2360.html USN-2659-1 http://ubuntu.com/usn/usn-2659-1 [oss-security] 20150626 CVE-2015-3258 cups-filters: texttopdf heap-based buffer overflow http://www.openwall.com/lists/oss-security/2015/06/26/4 http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7363 http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html https://bugzilla.redhat.com/show_bug.cgi?id=1235385 openSUSE-SU-2015:1244 http://lists.opensuse.org/opensuse-updates/2015-07/msg00033.html Common Vulnerability Exposure (CVE) ID: CVE-2015-3279 BugTraq ID: 75557 http://www.securityfocus.com/bid/75557 Debian Security Information: DSA-3303 (Google Search) http://www.openwall.com/lists/oss-security/2015/07/03/2 http://www.openwall.com/lists/oss-security/2015/07/03/5 RedHat Security Advisories: RHSA-2015:2360 SuSE Security Announcement: openSUSE-SU-2015:1244 (Google Search)
Copyright	Copyright (C) 2015 Greenbone AG