Format: 1.8 Date: Fri, 18 Jun 2010 10:26:08 -0400 Source: cups Binary: libcups2 libcupsimage2 cups cups-client libcups2-dev libcupsimage2-dev cups-bsd cups-common cups-dbg cupsys cupsys-client cupsys-common cupsys-bsd cupsys-dbg libcupsys2 libcupsys2-dev Architecture: hppa_translations hppa Version: 1.3.9-17ubuntu3.9 Distribution: jaunty Urgency: low Maintainer: Ubuntu/hppa Build Daemon Changed-By: Marc Deslauriers Description: cups - Common UNIX Printing System(tm) - server cups-bsd - Common UNIX Printing System(tm) - BSD commands cups-client - Common UNIX Printing System(tm) - client programs (SysV) cups-common - Common UNIX Printing System(tm) - common files cups-dbg - Common UNIX Printing System(tm) - debugging symbols cupsys - Common UNIX Printing System (transitional package) cupsys-bsd - Common UNIX Printing System (transitional package) cupsys-client - Common UNIX Printing System (transitional package) cupsys-common - Common UNIX Printing System (transitional package) cupsys-dbg - Common UNIX Printing System (transitional package) libcups2 - Common UNIX Printing System(tm) - libs libcups2-dev - Common UNIX Printing System(tm) - development files libcupsimage2 - Common UNIX Printing System(tm) - image libs libcupsimage2-dev - Common UNIX Printing System(tm) - image development files libcupsys2 - Common UNIX Printing System (transitional package) libcupsys2-dev - Common UNIX Printing System (transitional package) Changes: cups (1.3.9-17ubuntu3.9) jaunty-security; urgency=low . * SECURITY UPDATE: cross-site request forgery in admin interface - debian/patches/CVE-2010-0540.dpatch: add unpredictable session token to cgi-bin/admin.c, cgi-bin/cgi.h, cgi-bin/ipp-var.c, cgi-bin/template.c, cgi-bin/var.c, scheduler/client.c, templates/*.tmpl. - CVE-2010-0540 * SECURITY UPDATE: denial of service or arbitrary code execution in texttops image filter - debian/patches/CVE-2010-0542.dpatch: make sure calloc succeeded in filter/texttops.c. - CVE-2010-0542 * SECURITY UPDATE: web interface memory disclosure - debian/patches/CVE-2010-1748.dpatch: validate data in cgi-bin/var.c. - CVE-2010-1748 * SECURITY UPDATE: file overwrite vulnerability - debian/patches/security-str3510.dpatch: introduce cups_open() in cups/file.c and use to make sure hard-linked or symlinked files don't get overwritten as root. - No CVE number Checksums-Sha1: 5e2089a2c98c9c870407d0363890c6e9a8f78bc8 899362 cups_1.3.9-17ubuntu3.9_hppa_translations.tar.gz 8774dbf170889e075ef8b42f01f25786078d3c10 182914 libcups2_1.3.9-17ubuntu3.9_hppa.deb f0d64f6a190361d73fc8a06eaaeda422ca79d5f9 55776 libcupsimage2_1.3.9-17ubuntu3.9_hppa.deb c5280f02d1d44ff5d201de7efad67e58f386c082 2232444 cups_1.3.9-17ubuntu3.9_hppa.deb 59399c54ef3978ffa1abf263c391e44124de2961 121058 cups-client_1.3.9-17ubuntu3.9_hppa.deb 9a3bc31dce1a9d3ea4adde481c423b5bd973a174 360512 libcups2-dev_1.3.9-17ubuntu3.9_hppa.deb 8ee17398bacdc1503c0786e8f8efe6b276c4a56a 63294 libcupsimage2-dev_1.3.9-17ubuntu3.9_hppa.deb 1f4cba6aba86a9126b4bd22bb6b64fb350b3e8bb 38166 cups-bsd_1.3.9-17ubuntu3.9_hppa.deb d22307dd79b82de31275bd7082edee29635036e8 1589818 cups-dbg_1.3.9-17ubuntu3.9_hppa.deb Checksums-Sha256: 830e4cb13ddf3dd7f030cd19710ffef339136a5f62ca0082d7f85358370d7686 899362 cups_1.3.9-17ubuntu3.9_hppa_translations.tar.gz 4ed17871859bf146a5ea14beb950e997f6ba9b61f85367d7052884f8be998ce5 182914 libcups2_1.3.9-17ubuntu3.9_hppa.deb 481773295acfc0619846415cc929769a31ff838f2861f42697e0724fa3f24dcb 55776 libcupsimage2_1.3.9-17ubuntu3.9_hppa.deb fc22c83265be547b023b7d4e3c0d1bd50b7e092600b60a56adc4e369cdac2e49 2232444 cups_1.3.9-17ubuntu3.9_hppa.deb 1cc63fd504116bb6634bdc3610f76fd1a4bee246ef0625ec9c86b318fb70e7eb 121058 cups-client_1.3.9-17ubuntu3.9_hppa.deb c7912860ff55b50edd2b0abe2ceb986f0bd1121b592546183c753bc5c38b9537 360512 libcups2-dev_1.3.9-17ubuntu3.9_hppa.deb 1ac408573347c98fb43806e9a27d31317bdeeeca50e54e57325ac9c0bb740f30 63294 libcupsimage2-dev_1.3.9-17ubuntu3.9_hppa.deb cd51bbc83d2747c4dc40e9bd5a71ede6979126581bf8e588f2dd985618328fa0 38166 cups-bsd_1.3.9-17ubuntu3.9_hppa.deb f85456cfdddb73b0285ce921db83ddeeb618b0f553b7166174262f37ec4da7db 1589818 cups-dbg_1.3.9-17ubuntu3.9_hppa.deb Files: 30d0ae70b2490f4001801f4d5c744df7 899362 raw-translations - cups_1.3.9-17ubuntu3.9_hppa_translations.tar.gz f0af1bf0943553f904cf73775f169c14 182914 libs optional libcups2_1.3.9-17ubuntu3.9_hppa.deb ff4324526502c028ed21020fcdee965f 55776 libs optional libcupsimage2_1.3.9-17ubuntu3.9_hppa.deb 7bd57fb1f3a540e57f64436cc7f33310 2232444 net optional cups_1.3.9-17ubuntu3.9_hppa.deb 1529433c60ed7a36105dd66634964223 121058 net optional cups-client_1.3.9-17ubuntu3.9_hppa.deb 06e807ef2ca45cc07700500f352c9069 360512 libdevel optional libcups2-dev_1.3.9-17ubuntu3.9_hppa.deb 8ccf380230694fc9708a2929d42835ac 63294 libdevel optional libcupsimage2-dev_1.3.9-17ubuntu3.9_hppa.deb 636f7a3970f0418ee17e10458370d143 38166 net extra cups-bsd_1.3.9-17ubuntu3.9_hppa.deb 56b67334655d308b366cef052749142e 1589818 debug extra cups-dbg_1.3.9-17ubuntu3.9_hppa.deb Original-Maintainer: Debian CUPS Maintainers