Format: 1.7 Date: Tue, 14 Oct 2008 14:02:18 -0500 Source: cupsys Binary: cupsys cupsys-bsd cupsys-client cupsys-common libcupsimage2 libcupsimage2-dev libcupsys2 libcupsys2-dev Architecture: amd64_translations amd64 i386_translations i386 all ia64_translations ia64 powerpc_translations powerpc source sparc_translations sparc Version: 1.2.8-0ubuntu8.6 Distribution: feisty-security Urgency: low Maintainer: Ubuntu Core Developers Changed-By: Jamie Strandboge Description: cupsys - Common UNIX Printing System(tm) - server cupsys-bsd - Common UNIX Printing System(tm) - BSD commands cupsys-client - Common UNIX Printing System(tm) - client programs (SysV) libcupsimage2 - Common UNIX Printing System(tm) - image libs libcupsimage2-dev - Common UNIX Printing System(tm) - image development files libcupsys2 - Common UNIX Printing System(tm) - libs libcupsys2-dev - Common UNIX Printing System(tm) - development files cupsys-common - Common UNIX Printing System(tm) - common files Changes: cupsys (1.2.8-0ubuntu8.6) feisty-security; urgency=low . * SECURITY UPDATE: heap-based buffer overflow due to unchecked boundary in the SGI filter - debian/patches/105_CVE-2008-3639.dpatch: adjust filter/image-sgilib.c to properly check for xsize. Taken from Debian patch by Martin Pitt. - STR #2918 - CVE-2008-3639 * SECURITY UPDATE: integer overflow in texttops filter which could lead to heap-based overflow - debian/patches/106_CVE-2008-3640.dpatch: adjust textcommon.c and texttops.c to check for too large or negative page metrics. Based on Debian patch by Martin Pitt. - STR #2919 - CVE-2008-3640 * SECURITY UPDATE: buffer overflow in HPGL filter which could lead to arbitrary code execution - debian/patches/107_CVE-2008-3641.dpatch: adjust hpgl-attr.c to properly check for an invalid number of pens. Also includes fix for regression in orginal upstream patch which changed the color mapping and an off-by-one loop error. Taken from Debian patch by Martin Pitt. - STR #2911 - STR #2966 - CVE-2008-3641 Files: d616700704d30e0ef78cb9b4d768804c 306747 raw-translations - cupsys_1.2.8-0ubuntu8.6_amd64_translations.tar.gz 0ed6d4f8c813e2c36bcaa7b7ca98ccad 182728 libs optional libcupsys2_1.2.8-0ubuntu8.6_amd64.deb 7bfc0e70546baa2c98421a9dd7a373e6 104860 libs optional libcupsimage2_1.2.8-0ubuntu8.6_amd64.deb a502a4f981385dcba50ed5b6fc8fe969 1638902 net optional cupsys_1.2.8-0ubuntu8.6_amd64.deb 361cd5ffca4125245798312c3a9c7eaa 83230 net optional cupsys-client_1.2.8-0ubuntu8.6_amd64.deb 9d30fa04e2aa415fb126188aa4d32349 144852 libdevel optional libcupsys2-dev_1.2.8-0ubuntu8.6_amd64.deb a9f413ff725abe42af63312ea6e826e7 56598 libdevel optional libcupsimage2-dev_1.2.8-0ubuntu8.6_amd64.deb 2d7cb4cb3bfeeeb5af3db756f1a0a5be 37404 net extra cupsys-bsd_1.2.8-0ubuntu8.6_amd64.deb 41e6c60357740e668198976afcce6bd1 926804 net optional cupsys-common_1.2.8-0ubuntu8.6_all.deb b2156ca218ad874c8893af9a64958d84 306787 raw-translations - cupsys_1.2.8-0ubuntu8.6_i386_translations.tar.gz b2bb50b90caac66408739e67ecc9fdb5 179030 libs optional libcupsys2_1.2.8-0ubuntu8.6_i386.deb ececfa4f50e077d5049116a47cc44965 104592 libs optional libcupsimage2_1.2.8-0ubuntu8.6_i386.deb 551c9d7c9836efe7a927a609699976ad 1621450 net optional cupsys_1.2.8-0ubuntu8.6_i386.deb 4d29ca2e6d3de00e3a10c55c677c8cd6 80752 net optional cupsys-client_1.2.8-0ubuntu8.6_i386.deb b5c4606316c175feac7dd9a8f78acc56 139320 libdevel optional libcupsys2-dev_1.2.8-0ubuntu8.6_i386.deb b70e3b3a1c86aa782a42fcf1a40ff197 55720 libdevel optional libcupsimage2-dev_1.2.8-0ubuntu8.6_i386.deb 014d51e184b4435a28c1e820455fb0a1 36712 net extra cupsys-bsd_1.2.8-0ubuntu8.6_i386.deb 82c03531210ed5489d51f2e614ee4b29 306756 raw-translations - cupsys_1.2.8-0ubuntu8.6_ia64_translations.tar.gz df97ff222cf7a93f3cb202e42804d560 222148 libs optional libcupsys2_1.2.8-0ubuntu8.6_ia64.deb d303d61d448c6a6ca3c631b1bd5e3a52 126868 libs optional libcupsimage2_1.2.8-0ubuntu8.6_ia64.deb 7a7d10aa36566c64ddcd60c1d19e60c0 1845164 net optional cupsys_1.2.8-0ubuntu8.6_ia64.deb 48bf621b340eb97c3801469df64d62ff 106806 net optional cupsys-client_1.2.8-0ubuntu8.6_ia64.deb 9c290faed687bead539e183ed29c6883 193320 libdevel optional libcupsys2-dev_1.2.8-0ubuntu8.6_ia64.deb ab79fdc5187e892804c493b182f29129 78264 libdevel optional libcupsimage2-dev_1.2.8-0ubuntu8.6_ia64.deb b89ac5eeae44f1d6513a3797a1016230 46432 net extra cupsys-bsd_1.2.8-0ubuntu8.6_ia64.deb d565c63d4304a83b6b4b0b8ca0a7f6bc 306766 raw-translations - cupsys_1.2.8-0ubuntu8.6_powerpc_translations.tar.gz 634498a8eb5ab4c75eab74e1655234b1 188650 libs optional libcupsys2_1.2.8-0ubuntu8.6_powerpc.deb 94a5f78770c410fce9a0c88a187fe9c4 110478 libs optional libcupsimage2_1.2.8-0ubuntu8.6_powerpc.deb 7e3469aa52e2de4e93352e44f7623305 1696124 net optional cupsys_1.2.8-0ubuntu8.6_powerpc.deb bea4c45325710b1e2d5e67dceb7853bb 101094 net optional cupsys-client_1.2.8-0ubuntu8.6_powerpc.deb 69f22a6730b291c9df2b0541c07223d6 141178 libdevel optional libcupsys2-dev_1.2.8-0ubuntu8.6_powerpc.deb 47755a89a609e4401d70f6adcfcfb9a5 56398 libdevel optional libcupsimage2-dev_1.2.8-0ubuntu8.6_powerpc.deb ad2b053736a2165b39f1749b7e3409e0 46766 net extra cupsys-bsd_1.2.8-0ubuntu8.6_powerpc.deb 0dbd641692767f4e2e5b7f390c412a9f 1143 net optional cupsys_1.2.8-0ubuntu8.6.dsc 80696d47933857b9665da1492f9a801b 160216 net optional cupsys_1.2.8-0ubuntu8.6.diff.gz d50c968078f87f225c0d5a5b186b3c14 306770 raw-translations - cupsys_1.2.8-0ubuntu8.6_sparc_translations.tar.gz 02e3059c98fb42cb83173e0b3a08d469 178292 libs optional libcupsys2_1.2.8-0ubuntu8.6_sparc.deb ca7b062c097aa7f92a9085615fc3e828 104156 libs optional libcupsimage2_1.2.8-0ubuntu8.6_sparc.deb a5b6c19a436e9737af44cbaee93d093c 1659626 net optional cupsys_1.2.8-0ubuntu8.6_sparc.deb 072c6f65496619d5808c542d3a2ebe97 83740 net optional cupsys-client_1.2.8-0ubuntu8.6_sparc.deb 299acfe9e1964d21e7ba2fc3a390ded8 141756 libdevel optional libcupsys2-dev_1.2.8-0ubuntu8.6_sparc.deb 5a8347021b82084600e0d08971cb41a3 54928 libdevel optional libcupsimage2-dev_1.2.8-0ubuntu8.6_sparc.deb cde58d9fa7d256698ef6ba128b16a799 37778 net extra cupsys-bsd_1.2.8-0ubuntu8.6_sparc.deb Original-Maintainer: Debian CUPS Maintainers