int(4972)

Boletines de Vulnerabilidades


Cross-Site Scripting en CUPS

Clasificación de la vulnerabilidad

Propiedad Valor
Nivel de Confianza Oficial
Impacto Aumento de la visibilidad
Dificultad Avanzado
Requerimientos del atacante Acceso remoto sin cuenta a un servicio estandar

Información sobre el sistema

Propiedad Valor
Fabricante afectado GNU/Linux
Software afectado CUPS

Descripción

Se ha descubierto una vulnerabilidad de tipo Cross-Site Scripting en CUPS. La vulnerabilidad reside en un error en el manejo de cabeceras HTTP.

Un atacante remoto podría realizar ataques de cross-site scripting mediante métodos relacionados con la interfaz web, fichero de configuración de la impresión o los títulos de trabajos imprimidos.

Solución



Actualización de software

Debian (DSA-1933-1)

Debian Linux 4.0
Source
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7.orig.tar.gz
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch9.diff.gz
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch9.dsc
Arquitectura independiente:
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-common_1.2.7-4+etch9_all.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-gnutls10_1.2.7-4+etch9_all.deb
alpha (DEC Alpha)
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch9_alpha.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch9_alpha.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch9_alpha.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch9_alpha.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch9_alpha.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch9_alpha.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch9_alpha.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch9_alpha.deb
amd64 (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch9_amd64.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch9_amd64.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch9_amd64.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch9_amd64.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch9_amd64.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch9_amd64.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch9_amd64.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch9_amd64.deb
arm (ARM)
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch9_arm.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch9_arm.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch9_arm.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch9_arm.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch9_arm.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch9_arm.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch9_arm.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch9_arm.deb
hppa (HP PA RISC)
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch9_hppa.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch9_hppa.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch9_hppa.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch9_hppa.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch9_hppa.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch9_hppa.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch9_hppa.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch9_hppa.deb
i386 (Intel ia32)
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch9_i386.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch9_i386.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch9_i386.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch9_i386.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch9_i386.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch9_i386.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch9_i386.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch9_i386.deb
ia64 (Intel ia64)
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch9_ia64.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch9_ia64.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch9_ia64.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch9_ia64.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch9_ia64.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch9_ia64.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch9_ia64.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch9_ia64.deb
mips (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch9_mips.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch9_mips.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch9_mips.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch9_mips.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch9_mips.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch9_mips.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch9_mips.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch9_mips.deb
mipsel (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch9_mipsel.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch9_mipsel.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch9_mipsel.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch9_mipsel.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch9_mipsel.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch9_mipsel.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch9_mipsel.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch9_mipsel.deb
powerpc (PowerPC)
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch9_powerpc.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch9_powerpc.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch9_powerpc.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch9_powerpc.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch9_powerpc.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch9_powerpc.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch9_powerpc.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch9_powerpc.deb
s390 (IBM S/390)
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch9_s390.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch9_s390.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch9_s390.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch9_s390.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch9_s390.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch9_s390.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch9_s390.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch9_s390.deb
sparc (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch9_sparc.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch9_sparc.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch9_sparc.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch9_sparc.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch9_sparc.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch9_sparc.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch9_sparc.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch9_sparc.deb

Debian (DSA-1933-1)

Debian Linux 5.0
Source
http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny7.diff.gz
http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8.orig.tar.gz
http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny7.dsc
Arquitectura independiente:
http://security.debian.org/pool/updates/main/c/cups/cupsys-client_1.3.8-1+lenny7_all.deb
http://security.debian.org/pool/updates/main/c/cups/libcupsys2_1.3.8-1+lenny7_all.deb
http://security.debian.org/pool/updates/main/c/cups/cupsys-dbg_1.3.8-1+lenny7_all.deb
http://security.debian.org/pool/updates/main/c/cups/cupsys-bsd_1.3.8-1+lenny7_all.deb
http://security.debian.org/pool/updates/main/c/cups/cupsys-common_1.3.8-1+lenny7_all.deb
http://security.debian.org/pool/updates/main/c/cups/libcupsys2-dev_1.3.8-1+lenny7_all.deb
http://security.debian.org/pool/updates/main/c/cups/cupsys_1.3.8-1+lenny7_all.deb
http://security.debian.org/pool/updates/main/c/cups/cups-common_1.3.8-1+lenny7_all.deb
alpha (DEC Alpha)
http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny7_alpha.deb
http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny7_alpha.deb
http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny7_alpha.deb
http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny7_alpha.deb
http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny7_alpha.deb
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny7_alpha.deb
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny7_alpha.deb
http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny7_alpha.deb
amd64 (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny7_amd64.deb
http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny7_amd64.deb
http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny7_amd64.deb
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny7_amd64.deb
http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny7_amd64.deb
http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny7_amd64.deb
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny7_amd64.deb
http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny7_amd64.deb
arm (ARM)
http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny7_arm.deb
http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny7_arm.deb
http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny7_arm.deb
http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny7_arm.deb
http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny7_arm.deb
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny7_arm.deb
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny7_arm.deb
http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny7_arm.deb
armel (ARM EABI)
http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny7_armel.deb
http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny7_armel.deb
http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny7_armel.deb
http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny7_armel.deb
http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny7_armel.deb
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny7_armel.deb
http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny7_armel.deb
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny7_armel.deb
hppa (HP PA RISC)
http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny7_hppa.deb
http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny7_hppa.deb
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny7_hppa.deb
http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny7_hppa.deb
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny7_hppa.deb
http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny7_hppa.deb
http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny7_hppa.deb
http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny7_hppa.deb
i386 (Intel ia32)
http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny7_i386.deb
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny7_i386.deb
http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny7_i386.deb
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny7_i386.deb
http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny7_i386.deb
http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny7_i386.deb
http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny7_i386.deb
http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny7_i386.deb
ia64 (Intel ia64)
http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny7_ia64.deb
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny7_ia64.deb
http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny7_ia64.deb
http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny7_ia64.deb
http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny7_ia64.deb
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny7_ia64.deb
http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny7_ia64.deb
http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny7_ia64.deb
mips (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny7_mips.deb
http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny7_mips.deb
http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny7_mips.deb
http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny7_mips.deb
http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny7_mips.deb
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny7_mips.deb
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny7_mips.deb
http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny7_mips.deb
mipsel (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny7_mipsel.deb
http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny7_mipsel.deb
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny7_mipsel.deb
http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny7_mipsel.deb
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny7_mipsel.deb
http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny7_mipsel.deb
http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny7_mipsel.deb
http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny7_mipsel.deb
powerpc (PowerPC)
http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny7_powerpc.deb
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny7_powerpc.deb
http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny7_powerpc.deb
http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny7_powerpc.deb
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny7_powerpc.deb
http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny7_powerpc.deb
http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny7_powerpc.deb
http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny7_powerpc.deb
s390 (IBM S/390)
http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny7_s390.deb
http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny7_s390.deb
http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny7_s390.deb
http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny7_s390.deb
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny7_s390.deb
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny7_s390.deb
http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny7_s390.deb
http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny7_s390.deb
sparc (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny7_sparc.deb
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny7_sparc.deb
http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny7_sparc.deb
http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny7_sparc.deb
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny7_sparc.deb
http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny7_sparc.deb
http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny7_sparc.deb
http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny7_sparc.deb

Sun (275230)
OpenSolaris / upon builds snv_131 o posterior
http://sunsolve.sun.com/pub-cgi/show.pl?target=patchpage

Red Hat (RHSA-2009:1595-1)
RHEL Desktop Workstation (v. 5 cliente)
Red Hat Enterprise Linux (v. 5 servidor)
Red Hat Enterprise Linux Desktop (v. 5 cliente)
Red Hat Enterprise Linux EUS (v. 5.4.z servidor)
https://rhn.redhat.com/

Suse Linux
Las actualizaciones pueden descargarse mediante YAST o del servidor FTP oficial de Suse Linux.

Identificadores estándar

Propiedad Valor
CVE CVE-2009-2820
CVE-2009-3553
BID

Recursos adicionales

Debian Security Advisory (DSA-1933-1)
http://lists.debian.org/debian-security-announce/2009/msg00256.html

Sun Alert Notification (271169)
http://sunsolve.sun.com/search/document.do?assetkey=1-66-271169-1

Red Hat Security Advisory (RHSA-2009:1595-1)
https://rhn.redhat.com/errata/RHSA-2009-1595.html

SUSE Security Advisory (SUSE-SR:2009:020)
http://www.novell.com/linux/security/advisories/2009_20_sr.html

Sun Alert Notification (275230)
http://sunsolve.sun.com/search/document.do?assetkey=1-66-275230-1

Histórico de versiones

Versión Comentario Fecha
1.0 Aviso emitido 2009-11-19
1.1 Aviso emitido por Sun (271169) 2009-11-23
1.2 Aviso emitido por Red Hat (RHSA-2009:1595-1) 2009-12-01
1.3 Aviso emitido por Suse (SUSE-SR:2009:020) 2010-01-19
1.4 Aviso actualizado por Sun (275230) 2010-01-28

Miembros de

Ministerio de Defensa
CNI
CCN
CCN-CERT