-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Mon, 28 Jul 2008 18:57:39 +0200 Source: cupsys Binary: libcupsys2-dev cupsys libcupsys2 libcupsimage2 cupsys-common cupsys-client cupsys-dbg cupsys-bsd libcupsys2-gnutls10 libcupsimage2-dev Architecture: alpha Version: 1.2.7-4etch4 Distribution: stable-security Urgency: high Maintainer: Debian Build Daemon Changed-By: Martin Pitt Description: cupsys - Common UNIX Printing System(tm) - server cupsys-bsd - Common UNIX Printing System(tm) - BSD commands cupsys-client - Common UNIX Printing System(tm) - client programs (SysV) cupsys-dbg - Common UNIX Printing System(tm) - debugging symbols libcupsimage2 - Common UNIX Printing System(tm) - image libs libcupsimage2-dev - Common UNIX Printing System(tm) - image development files libcupsys2 - Common UNIX Printing System(tm) - libs libcupsys2-dev - Common UNIX Printing System(tm) - development files Closes: 476305 Changes: cupsys (1.2.7-4etch4) stable-security; urgency=high . * Add 74_CVE-2008-0053.dpatch: Fix buffer overflows in filter/hpgl-input.c by crated HP-GL files; possibly exploitable to run arbitrary code. (CVE-2008-0053, upstream SVN trunk r7219) * Add 75_CVE-2008-1373.dpatch: Fix buffer overflow in GIF filter by crafted images with large code_size value; potentially exploitable to run arbitrary code. (CVE-2008-1373, STR#2765, upstream svn trunk r7420) * Add 76_CVE-2008-1722.dpatch: Fix integer overflows in PNG filter by crafted images with large dimensions; potentially exploitable to run arbitrary code. (CVE-2008-1722, STR #2790, svn trunk r7437) (Closes: #476305) Files: 26718244f179fbb998e0cf27b1e04640 174978 libs optional libcupsys2_1.2.7-4etch4_alpha.deb 9082641aa750d1901f953dac62d2eb1a 95256 libs optional libcupsimage2_1.2.7-4etch4_alpha.deb 166acee45f52e88388ae84e8f553d638 1614188 net optional cupsys_1.2.7-4etch4_alpha.deb ad42ab5c45b92b23bd156c3e9157ea3d 85908 net optional cupsys-client_1.2.7-4etch4_alpha.deb d9e0907dbca9c56cf8362320a61b84ae 183724 libdevel optional libcupsys2-dev_1.2.7-4etch4_alpha.deb 8c2516b54ba920d361467d418aef9a1d 72654 libdevel optional libcupsimage2-dev_1.2.7-4etch4_alpha.deb baf1db411f2966caba693154d3807668 39322 net extra cupsys-bsd_1.2.7-4etch4_alpha.deb 1b68ee4e399836b98f7e958cd6f5c7fc 1092016 libdevel extra cupsys-dbg_1.2.7-4etch4_alpha.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBSJUw5Gz0hbPcukPfAQLDPgf9EqERYy6J1z/obl1b07yLP3BAc9m6oY5v +LynkHxsT7bTFYB+nenMAv+VoWDRDriGK8rlu8uxytdKJE2R+48D+fxswtQrkfvP uTOOXwMlAseQjC6w65D0AGdd13CEsVaCylOZmYqkuS6QNyW2h8wxYWLRhm9P47oe OGtOZ6keVi5HaUEaZeNp9T4D9h0XkEdrB6x2Zgxb7PPA8kFcRj7uxBXwMTzI4+wI r+NjWtRO9SSXZFpEcg3syHSZ76zAzSIyR+83LklHurT6T8i/5xh/cDBHJlLPEqt5 Y8ZZSjWw+yVqWpkp5Go3ODA21FrO4BtWLpRBaU6xv82vOWBjELHBCA== =MJva -----END PGP SIGNATURE-----