-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Mon, 28 Jul 2008 18:57:39 +0200 Source: cupsys Binary: libcupsys2-dev cupsys libcupsys2 libcupsimage2 cupsys-common cupsys-client cupsys-dbg cupsys-bsd libcupsys2-gnutls10 libcupsimage2-dev Architecture: hppa Version: 1.2.7-4etch4 Distribution: stable-security Urgency: high Maintainer: Debian/HPPA Build Daemon Changed-By: Martin Pitt Description: cupsys - Common UNIX Printing System(tm) - server cupsys-bsd - Common UNIX Printing System(tm) - BSD commands cupsys-client - Common UNIX Printing System(tm) - client programs (SysV) cupsys-dbg - Common UNIX Printing System(tm) - debugging symbols libcupsimage2 - Common UNIX Printing System(tm) - image libs libcupsimage2-dev - Common UNIX Printing System(tm) - image development files libcupsys2 - Common UNIX Printing System(tm) - libs libcupsys2-dev - Common UNIX Printing System(tm) - development files Closes: 476305 Changes: cupsys (1.2.7-4etch4) stable-security; urgency=high . * Add 74_CVE-2008-0053.dpatch: Fix buffer overflows in filter/hpgl-input.c by crated HP-GL files; possibly exploitable to run arbitrary code. (CVE-2008-0053, upstream SVN trunk r7219) * Add 75_CVE-2008-1373.dpatch: Fix buffer overflow in GIF filter by crafted images with large code_size value; potentially exploitable to run arbitrary code. (CVE-2008-1373, STR#2765, upstream svn trunk r7420) * Add 76_CVE-2008-1722.dpatch: Fix integer overflows in PNG filter by crafted images with large dimensions; potentially exploitable to run arbitrary code. (CVE-2008-1722, STR #2790, svn trunk r7437) (Closes: #476305) Files: 3b9de8875c9be02866143463b0c919f0 172120 libs optional libcupsys2_1.2.7-4etch4_hppa.deb ab272c582600f995706b46709c510f32 91152 libs optional libcupsimage2_1.2.7-4etch4_hppa.deb 67216c81ae5f4d2f1d8b571f7099492e 1624440 net optional cupsys_1.2.7-4etch4_hppa.deb aebbadb4ddb70dde9a524fd56b7bfb46 86898 net optional cupsys-client_1.2.7-4etch4_hppa.deb 2a27882b763ce10df0fd172cfa8d22bb 154086 libdevel optional libcupsys2-dev_1.2.7-4etch4_hppa.deb 4e117dab53e958404f958b99b08da4c1 57192 libdevel optional libcupsimage2-dev_1.2.7-4etch4_hppa.deb 1bbd6351cb6cd5f686faaddbeb731c4f 39270 net extra cupsys-bsd_1.2.7-4etch4_hppa.deb b587ee12458f80bd76a1d7b84869b741 1022644 libdevel extra cupsys-dbg_1.2.7-4etch4_hppa.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBSJFxumz0hbPcukPfAQJpdQgAvee1DTs2Y4K82GlW+ZWSS60kP4sDhj59 HYn2Z+rj0eiyKx5q40QgqAw9vWKy3gfzWr1O/wqnW3Xz6cINWjImuOc/lHM7M+Ld D1xrjlz3pbFRZWMcJvJ3zrO1LsQj+P5Rl8I8ib5m7+yjqNvtdQTO8fnr77KqkdvI smUKuuguG6jSfN4e5Fuo6HmLDM1i7LYBERWwss3zEObvlF/tyWjveyUisvsABB6l Zs2ypNflaNUrwygwkEtVRwLhQIDHpOgGwuv41tNb10QHXJNjr96aCdMFdQH77Cd7 mz++SYPNyc5Z1M/DQAFtvftcJk/4jdjyBC3Qu542XrTsMrwzqSSWww== =Z7Lt -----END PGP SIGNATURE-----