-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Mon, 28 Jul 2008 18:57:39 +0200 Source: cupsys Binary: libcupsys2-dev cupsys libcupsys2 libcupsimage2 cupsys-common cupsys-client cupsys-dbg cupsys-bsd libcupsys2-gnutls10 libcupsimage2-dev Architecture: powerpc Version: 1.2.7-4etch4 Distribution: stable-security Urgency: high Maintainer: Debian Build Daemon Changed-By: Martin Pitt Description: cupsys - Common UNIX Printing System(tm) - server cupsys-bsd - Common UNIX Printing System(tm) - BSD commands cupsys-client - Common UNIX Printing System(tm) - client programs (SysV) cupsys-dbg - Common UNIX Printing System(tm) - debugging symbols libcupsimage2 - Common UNIX Printing System(tm) - image libs libcupsimage2-dev - Common UNIX Printing System(tm) - image development files libcupsys2 - Common UNIX Printing System(tm) - libs libcupsys2-dev - Common UNIX Printing System(tm) - development files Closes: 476305 Changes: cupsys (1.2.7-4etch4) stable-security; urgency=high . * Add 74_CVE-2008-0053.dpatch: Fix buffer overflows in filter/hpgl-input.c by crated HP-GL files; possibly exploitable to run arbitrary code. (CVE-2008-0053, upstream SVN trunk r7219) * Add 75_CVE-2008-1373.dpatch: Fix buffer overflow in GIF filter by crafted images with large code_size value; potentially exploitable to run arbitrary code. (CVE-2008-1373, STR#2765, upstream svn trunk r7420) * Add 76_CVE-2008-1722.dpatch: Fix integer overflows in PNG filter by crafted images with large dimensions; potentially exploitable to run arbitrary code. (CVE-2008-1722, STR #2790, svn trunk r7437) (Closes: #476305) Files: 05df3db670b3f2a4dbb9d8a2d666eaca 162918 libs optional libcupsys2_1.2.7-4etch4_powerpc.deb 4546a01b202669d3ffa97dca5b93bf03 88204 libs optional libcupsimage2_1.2.7-4etch4_powerpc.deb 67c38bd81585274c0844efeedca40153 1576028 net optional cupsys_1.2.7-4etch4_powerpc.deb 61698739b3b436e6d1651dc388a89575 90004 net optional cupsys-client_1.2.7-4etch4_powerpc.deb e5c2d81190a9233eb291b519c3b83de6 136880 libdevel optional libcupsys2-dev_1.2.7-4etch4_powerpc.deb 321b1c0c9d59643294a87b00f81f7895 51894 libdevel optional libcupsimage2-dev_1.2.7-4etch4_powerpc.deb 45f55f0797900433a145028d63f6a6ef 41310 net extra cupsys-bsd_1.2.7-4etch4_powerpc.deb 10680b3b7efdeb10e9d834e869944206 1142660 libdevel extra cupsys-dbg_1.2.7-4etch4_powerpc.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBSJFxtGz0hbPcukPfAQIWDggAg3Hap2GCW2/jsj5mW+WHB5yIihw2JkN0 X05Y+B6jmS/lJOwSMtzH3nAA1y0/7A6cm4YLRIkCr1hz0DqFgrJxFI7pks2vLtMS bUPz6ML3uNioLbslq6zNI0NGKEvNr2m4gTEzijDGsTJlEJqYFvIavVAGibYqS8Os eF5bSgCmE4F5pOjCSXr5xlAa8HLrgLtsm1RGpR70qX/N/EkjusnAjcs85aA8txy0 ZbrSqBWJJuBglh/joabvmwmvApnsvygGh3nF/1tzMrJ/L5jztsZEVAhd7WgaklSI NazvsBLzmH1ymHAoHLyYtLYPwTIRVzfp5Hl47v90SUtxHEdX/jlYBA== =u4Kw -----END PGP SIGNATURE-----