This service will be undergoing maintenance at 00:00 UTC, 2017-10-23 It is expected to last about 30 minutes

Bug 250161 (CVE-2007-4045)

Summary: CVE-2007-4045 Incomplete fix for CVE-2007-0720 CUPS denial of service
Product: [Other] Security Response Reporter: Lubomir Kundrak <lkundrak>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: low Docs Contact:
Priority: low    
Version: unspecifiedCC: twaugh
Target Milestone: ---Keywords: Regression, Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard: impact=low,source=cve,public=20070720,reported=20070730
Fixed In Version: 1.3.4-2.fc8 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-11-08 01:03:41 EST Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Bug Depends On: 356541, 356551, 356561    
Bug Blocks:    
Description Flags
Patch for CVE-2007-4045 CUPS DoS sucked from SUSE package none

Description Lubomir Kundrak 2007-07-30 15:34:22 EDT
Description of problem:

SUSE-SR:2007:014 (see URL field) reads:

   - cups denial of service regression fix

     CUPS packages were released to fix another denial of service problem
     introduced by the previous Denial of Service Fix for CVE-2007-0720, which was

Version-Release number of selected component (if applicable):

        CVE-2007-4045 Affects: RHEL4
        CVE-2007-4045 Affects: RHEL5
        CVE-2007-4045 Affects: FC6
        CVE-2007-4045 Affects: FC7
Comment 1 Lubomir Kundrak 2007-07-30 15:34:22 EDT
Created attachment 160266 [details]
Patch for CVE-2007-4045 CUPS DoS sucked from SUSE package
Comment 5 Fedora Update System 2007-11-08 01:03:35 EST
cups-1.3.4-2.fc8 has been pushed to the Fedora 8 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 6 Fedora Update System 2007-11-09 18:51:52 EST
cups-1.2.12-7.fc7 has been pushed to the Fedora 7 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 7 Tomas Hoger 2008-03-23 06:05:56 EDT
This issue only affected CUPS versions prior to 1.2.x and was addressed in CUPS
packages in Red Hat Enterprise Linux 3 and 4.

Patches applied to Fedora packages were not needed and were dropped few weeks later:

* Fri Nov 30 2007 Tim Waugh <>
- CVE-2007-4045 patch is not necessarily because cupsd_client_t objects are
  not moved in array operations, only pointers to them.

Also noted by upstream in

 This patch is not valid or needed for any version of CUPS since 1.2.

 The problem in 1.1.x was that the Clients array was allocated as a
 contiguous array, so when a client went away the user data pointer for
 OpenSSL needed to be updated to point to the correct http_t structure.

 In 1.2 we changed the Clients array to use individually-allocated
 cupsd_client_t structures managed by the CUPS array API. This means
 that the address of the http_t structure won't change when a client
 is removed or added.
Comment 8 Red Hat Product Security 2008-03-23 06:08:54 EDT
This issue was addressed in:

Red Hat Enterprise Linux: