CUPS, libpng 모듈의 버퍼오버플로우 취약점 패치

오늘아침에 업데이트를 마쳤는데 CERTCC.OR.KR에서 메일링이 올라왔군요.. -------------------------------------------------------------------------- 안녕하세요. KISA의 강준구입니다. 레드햇의 CUPS(Common Unix Printing System)와 libpng(library of Portable Network Graphics) 모듈에 버퍼오버플로 취약점에 대한 업데이트 패키지가 나왔습니다. 레드햇을 이용하시는 이용자들께서는 아래의 위치에서 패키지를 다운로드 받아서 업데이트를 하십시요. 1. CUPS(Common Unix Printing System) 업데이트 다운로드 위치: Red Hat Linux 7.3: SRPMS: ftp://updates.redhat.com/7.3/en/os/SRPMS/cups-1.1.14-15.2.src.rpm i386: ftp://updates.redhat.com/7.3/en/os/i386/cups-1.1.14-15.2.i386.rpm ftp://updates.redhat.com/7.3/en/os/i386/cups-devel-1.1.14-15.2.i386.rpm ftp://updates.redhat.com/7.3/en/os/i386/cups-libs-1.1.14-15.2.i386.rpm Red Hat Linux 8.0: SRPMS: ftp://updates.redhat.com/8.0/en/os/SRPMS/cups-1.1.17-0.2.src.rpm i386: ftp://updates.redhat.com/8.0/en/os/i386/cups-1.1.17-0.2.i386.rpm ftp://updates.redhat.com/8.0/en/os/i386/cups-devel-1.1.17-0.2.i386.rpm ftp://updates.redhat.com/8.0/en/os/i386/cups-libs-1.1.17-0.2.i386.rpm 2. libpng(library of Portable Network Graphics) 업데이트 다운로드 위치: Red Hat Linux 6.2: SRPMS: ftp://updates.redhat.com/6.2/en/os/SRPMS/libpng-1.0.14-0.6x.4.src.rpm i386: ftp://updates.redhat.com/6.2/en/os/i386/libpng-1.0.14-0.6x.4.i386.rpm ftp://updates.redhat.com/6.2/en/os/i386/libpng-devel-1.0.14-0.6x.4.i386.rpm Red Hat Linux 7.0: SRPMS: ftp://updates.redhat.com/7.0/en/os/SRPMS/libpng-1.0.14-0.70.2.src.rpm i386: ftp://updates.redhat.com/7.0/en/os/i386/libpng-1.0.14-0.70.2.i386.rpm ftp://updates.redhat.com/7.0/en/os/i386/libpng-devel-1.0.14-0.70.2.i386.rpm Red Hat Linux 7.1: SRPMS: ftp://updates.redhat.com/7.1/en/os/SRPMS/libpng-1.0.14-0.7x.4.src.rpm i386: ftp://updates.redhat.com/7.1/en/os/i386/libpng-1.0.14-0.7x.4.i386.rpm ftp://updates.redhat.com/7.1/en/os/i386/libpng-devel-1.0.14-0.7x.4.i386.rpm Red Hat Linux 7.2: SRPMS: ftp://updates.redhat.com/7.2/en/os/SRPMS/libpng-1.0.14-0.7x.4.src.rpm i386: ftp://updates.redhat.com/7.2/en/os/i386/libpng-1.0.14-0.7x.4.i386.rpm ftp://updates.redhat.com/7.2/en/os/i386/libpng-devel-1.0.14-0.7x.4.i386.rpm ia64: ftp://updates.redhat.com/7.2/en/os/ia64/libpng-1.0.14-0.7x.4.ia64.rpm ftp://updates.redhat.com/7.2/en/os/ia64/libpng-devel-1.0.14-0.7x.4.ia64.rpm Red Hat Linux 7.3: SRPMS: ftp://updates.redhat.com/7.3/en/os/SRPMS/libpng-1.0.14-0.7x.4.src.rpm i386: ftp://updates.redhat.com/7.3/en/os/i386/libpng-1.0.14-0.7x.4.i386.rpm ftp://updates.redhat.com/7.3/en/os/i386/libpng-devel-1.0.14-0.7x.4.i386.rpm Red Hat Linux 8.0: SRPMS: ftp://updates.redhat.com/8.0/en/os/SRPMS/libpng-1.2.2-8.src.rpm i386: ftp://updates.redhat.com/8.0/en/os/i386/libpng-1.2.2-8.i386.rpm ftp://updates.redhat.com/8.0/en/os/i386/libpng-devel-1.2.2-8.i386.rpm -- -+-----+-----+-----+-----+-----+-----+-----+-----+-----+-----+-----+- 강 준 구(Jungu Kang)연구원 KISA(Korea Information Security Agency) CERT(Computer Emergency Responce Team) * Coordination Center E-Mail : jgkang@certcc.or.kr / [Phone] 02-405-5526 (+82-2-405-5526) [PGP Public Key - http://www.certcc.or.kr/teampub.txt] Web Site : http://www.certcc.or.kr, http://www.cyber118.or.kr -+-----+-----+-----+-----+-----+-----+-----+-----+-----+-----+-----+- 관련 링크: http://www.certcc.or.kr