-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Mon, 28 Jul 2008 18:57:39 +0200 Source: cupsys Binary: libcupsys2-dev cupsys libcupsys2 libcupsimage2 cupsys-common cupsys-client cupsys-dbg cupsys-bsd libcupsys2-gnutls10 libcupsimage2-dev Architecture: ia64 Version: 1.2.7-4etch4 Distribution: stable-security Urgency: high Maintainer: Debian/IA64 Build Daemon Changed-By: Martin Pitt Description: cupsys - Common UNIX Printing System(tm) - server cupsys-bsd - Common UNIX Printing System(tm) - BSD commands cupsys-client - Common UNIX Printing System(tm) - client programs (SysV) cupsys-dbg - Common UNIX Printing System(tm) - debugging symbols libcupsimage2 - Common UNIX Printing System(tm) - image libs libcupsimage2-dev - Common UNIX Printing System(tm) - image development files libcupsys2 - Common UNIX Printing System(tm) - libs libcupsys2-dev - Common UNIX Printing System(tm) - development files Closes: 476305 Changes: cupsys (1.2.7-4etch4) stable-security; urgency=high . * Add 74_CVE-2008-0053.dpatch: Fix buffer overflows in filter/hpgl-input.c by crated HP-GL files; possibly exploitable to run arbitrary code. (CVE-2008-0053, upstream SVN trunk r7219) * Add 75_CVE-2008-1373.dpatch: Fix buffer overflow in GIF filter by crafted images with large code_size value; potentially exploitable to run arbitrary code. (CVE-2008-1373, STR#2765, upstream svn trunk r7420) * Add 76_CVE-2008-1722.dpatch: Fix integer overflows in PNG filter by crafted images with large dimensions; potentially exploitable to run arbitrary code. (CVE-2008-1722, STR #2790, svn trunk r7437) (Closes: #476305) Files: b457e7ae7fb11f876225150e559a4272 203930 libs optional libcupsys2_1.2.7-4etch4_ia64.deb b61d48e93e413245d3fd5ebe47c31243 106642 libs optional libcupsimage2_1.2.7-4etch4_ia64.deb 398872427b493f8206c38a3504fc1904 1770682 net optional cupsys_1.2.7-4etch4_ia64.deb fb838547edf473df7efaa8fe41cf42f1 106226 net optional cupsys-client_1.2.7-4etch4_ia64.deb eea62b30397305acdf6f98a6df50cf8e 192372 libdevel optional libcupsys2-dev_1.2.7-4etch4_ia64.deb e1f00e7e8be7549ac2b58adaeba0f5b2 74158 libdevel optional libcupsimage2-dev_1.2.7-4etch4_ia64.deb 922f2bd1d98fcbb40badcebd7c0cc07c 46330 net extra cupsys-bsd_1.2.7-4etch4_ia64.deb 65945b9397a13a31fb8646cb71ef7794 1107892 libdevel extra cupsys-dbg_1.2.7-4etch4_ia64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBSJFxumz0hbPcukPfAQIgegf/aOeWp/2NKYmuJWw2tHvYuRkwKrRG+rI4 ZzXYn6evyZSUyBBzolQEgUyMAju7HDH4fmWER5G/OCkoraGdDaBHBPJ5SJ/Hhe02 zGG6ANGDN5ZwI6YLEwySKhnVYhzgkfTnnXuqPae8x2ZUdrVgMjSNETx5Gt+O5Bon j5Tr+rQAKja8XZlOFBIcEH49HHORusOmnL6FbNsTDOSP7tybquBH0Mc8sVGF8jm0 twDA8FK4XbI0Zz3IlkzeCuprphaaSqb2JcOWatfcVhCcS+5uSOf+HLV41zpMqMXU DH1w8ZDx+EHSfCNEFIaCIqSvBIg54S2yEV/veqtpCOWemuXJ7Wrv/A== =Z7aP -----END PGP SIGNATURE-----