Format: 1.7 Date: Wed, 26 Mar 2008 10:56:23 -0400 Source: cupsys Binary: cupsys cupsys-bsd cupsys-client cupsys-common libcupsimage2 libcupsimage2-dev libcupsys2 libcupsys2-dev Architecture: amd64_translations amd64 hppa_translations hppa i386_translations i386 all ia64_translations ia64 lpia_translations lpia powerpc_translations powerpc source sparc_translations sparc Version: 1.3.2-1ubuntu7.6 Distribution: gutsy-security Urgency: low Maintainer: Ubuntu Core Developers Changed-By: Jamie Strandboge Description: cupsys - Common UNIX Printing System(tm) - server cupsys-bsd - Common UNIX Printing System(tm) - BSD commands cupsys-client - Common UNIX Printing System(tm) - client programs (SysV) libcupsimage2 - Common UNIX Printing System(tm) - image libs libcupsimage2-dev - Common UNIX Printing System(tm) - image development files libcupsys2 - Common UNIX Printing System(tm) - libs libcupsys2-dev - Common UNIX Printing System(tm) - development files cupsys-common - Common UNIX Printing System(tm) - common files Changes: cupsys (1.3.2-1ubuntu7.6) gutsy-security; urgency=low . * debian/patches/72_CVE-2008-0047.dpatch: Fix buffer overflow in cgiCompileSearch() using crafted search expressions. Exploitable if printer sharing is enabled. Thanks to Martin Pitt for supplying the patch. * debian/patches/73_CVE-2008-0882.dpatch: Fix double-free in process_browse_data(), which could be exploited to a remote DoS by sending crafted data to the cups UDP port. Thanks to Martin Pitt for supplying the patch. * debian/patches/74_pid.dpatch: Specify PidFile in temporary directory in the self test's cupsd.conf. This affects the test suite (in the sense that it actually works now) and does not affect the built binaries at all. (Backported from trunk). Thanks to Martin Pitt for supplying the patch. * debian/patches/75_CVE-2008-0053.dpatch: Fix buffer overflows in ParseCommand() in hpgl-input.c by properly checking number of parameters * debian/patches/76_CVE-2008-1373.dpatch: Fix buffer overflow in gif_read_image() in image-gif.c by properly validating code_size * References CVE-2008-0047 CVE-2008-0882 CVE-2008-0053 CVE-2008-1373 http://www.cups.org/str.php?L2729 http://www.cups.org/str.php?L2656 Files: 3f1ba971fd62023673f379ad9377e093 741511 raw-translations - cupsys_1.3.2-1ubuntu7.6_amd64_translations.tar.gz 1a1404a7d67078e31c8819bf3d8d4dae 186028 libs optional libcupsys2_1.3.2-1ubuntu7.6_amd64.deb e15952781e93e862194d453320605bbc 46780 libs optional libcupsimage2_1.3.2-1ubuntu7.6_amd64.deb c8d6548bd1ba7cb841b196e762da492c 2034570 net optional cupsys_1.3.2-1ubuntu7.6_amd64.deb 5411f2454e0d2a0323e9951cb15a534d 89504 net optional cupsys-client_1.3.2-1ubuntu7.6_amd64.deb 32c671873dfad4e39104da5c3a6e935e 152020 libdevel optional libcupsys2-dev_1.3.2-1ubuntu7.6_amd64.deb 150d59889adc8fd0cb185989876a355d 59890 libdevel optional libcupsimage2-dev_1.3.2-1ubuntu7.6_amd64.deb c3425972caa02e7a25321f49d47c6f9b 37204 net extra cupsys-bsd_1.3.2-1ubuntu7.6_amd64.deb c16f12421570f8d10291f6c7f852815a 741549 raw-translations - cupsys_1.3.2-1ubuntu7.6_hppa_translations.tar.gz f5b63fad6e8dc37d6ddff1babafe6449 192820 libs optional libcupsys2_1.3.2-1ubuntu7.6_hppa.deb faff3abe7b1a718206d92597315583f0 51320 libs optional libcupsimage2_1.3.2-1ubuntu7.6_hppa.deb 3cf5f76bf38827ea1490784b4a779440 2089180 net optional cupsys_1.3.2-1ubuntu7.6_hppa.deb 9d03e1b343dfdba2a97239d5e1c73b32 91776 net optional cupsys-client_1.3.2-1ubuntu7.6_hppa.deb 8f312fdf2136f80053b0759bb93b7415 161930 libdevel optional libcupsys2-dev_1.3.2-1ubuntu7.6_hppa.deb 3984429482b6f829ff6569f3fc7c5499 62360 libdevel optional libcupsimage2-dev_1.3.2-1ubuntu7.6_hppa.deb 1a20354bd70b5869bf8635fcba59d994 39182 net extra cupsys-bsd_1.3.2-1ubuntu7.6_hppa.deb 5d01f105292a526744e5622a14a9aed4 1080444 net optional cupsys-common_1.3.2-1ubuntu7.6_all.deb 774f33d1a6b9806453a71b2308ca9e46 1092243 raw-translations - cupsys_1.3.2-1ubuntu7.6_i386_translations.tar.gz c62bc1107e748c200e6969a239ae8b9b 182802 libs optional libcupsys2_1.3.2-1ubuntu7.6_i386.deb 0ebe76bdf799336e0b2d01d0a0eca72c 46140 libs optional libcupsimage2_1.3.2-1ubuntu7.6_i386.deb cff3abb1b69d797d616e73c93885de3a 2018116 net optional cupsys_1.3.2-1ubuntu7.6_i386.deb 0e4d80917e070f7b2f109de81f96bc4d 86484 net optional cupsys-client_1.3.2-1ubuntu7.6_i386.deb 6766e6515de26b782e211840f330b93e 145694 libdevel optional libcupsys2-dev_1.3.2-1ubuntu7.6_i386.deb 6d2590c49af04215519a87e857463652 58634 libdevel optional libcupsimage2-dev_1.3.2-1ubuntu7.6_i386.deb a982fce3918a91c74e92fb515f1c6d65 36476 net extra cupsys-bsd_1.3.2-1ubuntu7.6_i386.deb a3e8ab602e8e6c2540812b675d0b3506 741553 raw-translations - cupsys_1.3.2-1ubuntu7.6_ia64_translations.tar.gz c2bb4a2862a8b3e168422942e4392878 227706 libs optional libcupsys2_1.3.2-1ubuntu7.6_ia64.deb 3ffdcf6612029a4511349fb2313e92ce 68914 libs optional libcupsimage2_1.3.2-1ubuntu7.6_ia64.deb be4d2ca6a982aed3cb2253b63a626f6c 2268042 net optional cupsys_1.3.2-1ubuntu7.6_ia64.deb ad12693e918475b6767801476d44e59c 113948 net optional cupsys-client_1.3.2-1ubuntu7.6_ia64.deb aa900d3c47cf8343638982e0ff525d60 203332 libdevel optional libcupsys2-dev_1.3.2-1ubuntu7.6_ia64.deb b9d6c88745e3d25898bae521a791634f 82240 libdevel optional libcupsimage2-dev_1.3.2-1ubuntu7.6_ia64.deb 7f72617e7fe03183d3d505faed005d03 46098 net extra cupsys-bsd_1.3.2-1ubuntu7.6_ia64.deb 4100e336894a0c799cd08c4c0add7e44 741490 raw-translations - cupsys_1.3.2-1ubuntu7.6_lpia_translations.tar.gz 54569eb3847fe984faf8ccffcb067f30 181018 libs optional libcupsys2_1.3.2-1ubuntu7.6_lpia.deb 2049f9b317fb9ca16ca3578352c16591 47528 libs optional libcupsimage2_1.3.2-1ubuntu7.6_lpia.deb bfcf3e927251f6bd46542d260d8027f5 2021044 net optional cupsys_1.3.2-1ubuntu7.6_lpia.deb dd78ef30cd04258be559a3bf547ab344 88292 net optional cupsys-client_1.3.2-1ubuntu7.6_lpia.deb 6c2f4911e03273ee97d120d539ee83a1 142430 libdevel optional libcupsys2-dev_1.3.2-1ubuntu7.6_lpia.deb fd2f00ee850a03383f3005447815a519 59402 libdevel optional libcupsimage2-dev_1.3.2-1ubuntu7.6_lpia.deb ecadd0dedd6db18899aec97d2c717f02 36670 net extra cupsys-bsd_1.3.2-1ubuntu7.6_lpia.deb 87b32e16e9fe6c0cd81d93c8942dcef1 741512 raw-translations - cupsys_1.3.2-1ubuntu7.6_powerpc_translations.tar.gz 46d534c4c477657ab03419d18f91728f 191752 libs optional libcupsys2_1.3.2-1ubuntu7.6_powerpc.deb 9d30c790a4b94ac07670d7e15c2e41ab 51716 libs optional libcupsimage2_1.3.2-1ubuntu7.6_powerpc.deb 73d517a40d877a238856a232e6be64c9 2099222 net optional cupsys_1.3.2-1ubuntu7.6_powerpc.deb 76e4020feb1778e713389fc6bdb86ea9 107752 net optional cupsys-client_1.3.2-1ubuntu7.6_powerpc.deb f73327e30e2778bdcf4543c04855e6a1 146948 libdevel optional libcupsys2-dev_1.3.2-1ubuntu7.6_powerpc.deb 8530840cf85bf44c8803fd064b61e1f7 59342 libdevel optional libcupsimage2-dev_1.3.2-1ubuntu7.6_powerpc.deb 044a54c557dd4006bb40a13dd2c2b156 46498 net extra cupsys-bsd_1.3.2-1ubuntu7.6_powerpc.deb c56faedc440fc2b16f9a1f396a607d1e 1218 net optional cupsys_1.3.2-1ubuntu7.6.dsc 81ae6b42c7dd12a1797a63d19c644a8c 125298 net optional cupsys_1.3.2-1ubuntu7.6.diff.gz e17fd49a58fb6b5c80d89ced5a00f2f0 741465 raw-translations - cupsys_1.3.2-1ubuntu7.6_sparc_translations.tar.gz 8283739361474f00d65f9bf52d7c0e3d 181842 libs optional libcupsys2_1.3.2-1ubuntu7.6_sparc.deb 60eda5d4cc12eb2c35817d6c0d4ef43a 45440 libs optional libcupsimage2_1.3.2-1ubuntu7.6_sparc.deb ed932d7ee05e745bc0af647d361e7d99 2060610 net optional cupsys_1.3.2-1ubuntu7.6_sparc.deb 69149447dbd4e3b36185bd977202f837 89606 net optional cupsys-client_1.3.2-1ubuntu7.6_sparc.deb 8e1d119a91b8c6d8d15032b27a498235 148476 libdevel optional libcupsys2-dev_1.3.2-1ubuntu7.6_sparc.deb 7369866ac9adb6abd966e2d1e2f95b42 57900 libdevel optional libcupsimage2-dev_1.3.2-1ubuntu7.6_sparc.deb 1771f3f6f2ceb1864696801f7f420e93 37564 net extra cupsys-bsd_1.3.2-1ubuntu7.6_sparc.deb Original-Maintainer: Debian CUPS Maintainers