[ubuntu/dapper-security] cupsys_1.2.2-0ubuntu0.6.06.11_ia64_translations.tar.gz, cupsys_1.2.2-0ubuntu0.6.06.11_powerpc_translations.tar.gz, cupsys_1.2.2-0ubuntu0.6.06.11_hppa_translations.tar.gz, cupsys_1.2.2-0ubuntu0.6.06.11_sparc_translations.tar.gz, cupsys, cupsys_1.2.2-0ubuntu0.6.06.11_amd64_translations.tar.gz, cupsys_1.2.2-0ubuntu0.6.06.11_i386_translations.tar.gz 1.2.2-0ubuntu0.6.06.11 (Accepted)

Ubuntu Installer archive at ubuntu.com
Wed Oct 15 21:55:39 BST 2008


cupsys (1.2.2-0ubuntu0.6.06.11) dapper-security; urgency=low

  * SECURITY UPDATE: heap-based buffer overflow due to unchecked boundary in
    the SGI filter
    - debian/patches/78_CVE-2008-3639.dpatch: adjust filter/image-sgilib.c to
      properly check for xsize. Taken from Debian patch by Martin Pitt.
    - STR #2918
    - CVE-2008-3639
  * SECURITY UPDATE: integer overflow in texttops filter which could lead
    to heap-based overflow
    - debian/patches/79_CVE-2008-3640.dpatch: adjust textcommon.c and
      texttops.c to check for too large or negative page metrics. Based on
      Debian patch by Martin Pitt.
    - STR #2919
    - CVE-2008-3640
  * SECURITY UPDATE: buffer overflow in HPGL filter which could lead to
    arbitrary code execution
    - debian/patches/80_CVE-2008-3641.dpatch: adjust hpgl-attr.c to properly
      check for an invalid number of pens. Also includes fix for regression in
      orginal upstream patch which changed the color mapping and an off-by-one
      loop error. Taken from Debian patch by Martin Pitt.
    - STR #2911
    - STR #2966
    - CVE-2008-3641
  * debian/patches/00list: apply 77_CVE-2008-1722.dpatch from previous update,
    which was not applied

Date: Tue, 14 Oct 2008 14:08:29 -0500
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Maintainer: Debian CUPS Maintainers <pkg-cups-devel at lists.alioth.debian.org>
https://launchpad.net/ubuntu/dapper/+source/cupsys/1.2.2-0ubuntu0.6.06.11
-------------- next part --------------
Format: 1.7
Date: Tue, 14 Oct 2008 14:08:29 -0500
Source: cupsys
Binary: cupsys cupsys-bsd cupsys-client libcupsimage2 libcupsimage2-dev libcupsys2 libcupsys2-dev libcupsys2-gnutls10
Architecture: amd64_translations amd64 hppa_translations hppa i386_translations i386 all ia64_translations ia64 powerpc_translations powerpc source sparc_translations sparc
Version: 1.2.2-0ubuntu0.6.06.11
Distribution: dapper-security
Urgency: low
Maintainer: Debian CUPS Maintainers <pkg-cups-devel at lists.alioth.debian.org>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description:
 cupsys     - Common UNIX Printing System(tm) - server
 cupsys-bsd - Common UNIX Printing System(tm) - BSD commands
 cupsys-client - Common UNIX Printing System(tm) - client programs (SysV)
 libcupsimage2 - Common UNIX Printing System(tm) - image libs
 libcupsimage2-dev - Common UNIX Printing System(tm) - image development files
 libcupsys2 - Common UNIX Printing System(tm) - libs
 libcupsys2-dev - Common UNIX Printing System(tm) - development files
 libcupsys2-gnutls10 - Common UNIX Printing System(tm) - dummy libs for transition
Changes:
 cupsys (1.2.2-0ubuntu0.6.06.11) dapper-security; urgency=low
 .
   * SECURITY UPDATE: heap-based buffer overflow due to unchecked boundary in
     the SGI filter
     - debian/patches/78_CVE-2008-3639.dpatch: adjust filter/image-sgilib.c to
       properly check for xsize. Taken from Debian patch by Martin Pitt.
     - STR #2918
     - CVE-2008-3639
   * SECURITY UPDATE: integer overflow in texttops filter which could lead
     to heap-based overflow
     - debian/patches/79_CVE-2008-3640.dpatch: adjust textcommon.c and
       texttops.c to check for too large or negative page metrics. Based on
       Debian patch by Martin Pitt.
     - STR #2919
     - CVE-2008-3640
   * SECURITY UPDATE: buffer overflow in HPGL filter which could lead to
     arbitrary code execution
     - debian/patches/80_CVE-2008-3641.dpatch: adjust hpgl-attr.c to properly
       check for an invalid number of pens. Also includes fix for regression in
       orginal upstream patch which changed the color mapping and an off-by-one
       loop error. Taken from Debian patch by Martin Pitt.
     - STR #2911
     - STR #2966
     - CVE-2008-3641
   * debian/patches/00list: apply 77_CVE-2008-1722.dpatch from previous update,
     which was not applied
Files:
 455fe7748b3ab167658bb5b42ef0363a 2286676 net optional cupsys_1.2.2-0ubuntu0.6.06.11_amd64.deb
 670924b1b9a36db787e3b4cc6a7f1782 81902 net optional cupsys-client_1.2.2-0ubuntu0.6.06.11_amd64.deb
 88a0b954c9f50df6aa37824b3da7041b 129960 libs optional libcupsys2_1.2.2-0ubuntu0.6.06.11_amd64.deb
 6812b0831f37474b50607e4c6eb83fe5 25742 libdevel optional libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_amd64.deb
 31e781bf2c8f0f4140799b21b9d0484a 77226 libs optional libcupsimage2_1.2.2-0ubuntu0.6.06.11_amd64.deb
 dc0bd3799366e32503466ba4588fc4df 6086 libdevel optional libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_amd64.deb
 ddea26501964356559ee3a11124acd8b 36226 net extra cupsys-bsd_1.2.2-0ubuntu0.6.06.11_amd64.deb
 578067c03068d417bcf2673e4bca90b2 200107 raw-translations - cupsys_1.2.2-0ubuntu0.6.06.11_amd64_translations.tar.gz
 48a52152b5a1ff4f3f781faef20323ca 2337650 net optional cupsys_1.2.2-0ubuntu0.6.06.11_hppa.deb
 c7e93825985ec3e709d42bda65ec1144 84666 net optional cupsys-client_1.2.2-0ubuntu0.6.06.11_hppa.deb
 f8666f44710ddd19f22d8d5e4263344b 137934 libs optional libcupsys2_1.2.2-0ubuntu0.6.06.11_hppa.deb
 d7c0c7490ea513b90fe89ff3f1005706 25748 libdevel optional libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_hppa.deb
 5d9fd4183071de4dfcbc02797c22f0da 82008 libs optional libcupsimage2_1.2.2-0ubuntu0.6.06.11_hppa.deb
 ef930ab31731be348b5cdf91e00aefc6 6106 libdevel optional libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_hppa.deb
 7841d8d66903e4f5de9d5d97ac3ecd69 38584 net extra cupsys-bsd_1.2.2-0ubuntu0.6.06.11_hppa.deb
 ce01900629115177eaac19ecf09d9eb4 200104 raw-translations - cupsys_1.2.2-0ubuntu0.6.06.11_hppa_translations.tar.gz
 8b094f8389b70e0153d7bbfcd23ed912 994 libs optional libcupsys2-gnutls10_1.2.2-0ubuntu0.6.06.11_all.deb
 30ac219c7cd66460df6fa2b76c147ae8 2253974 net optional cupsys_1.2.2-0ubuntu0.6.06.11_i386.deb
 efed93511d0ee579706e5cf538378dbd 77974 net optional cupsys-client_1.2.2-0ubuntu0.6.06.11_i386.deb
 7298a6d762d2edbe6fd107656932f32a 122178 libs optional libcupsys2_1.2.2-0ubuntu0.6.06.11_i386.deb
 4c97e6e30f95bd3c3a32c761db4f5183 25740 libdevel optional libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_i386.deb
 d044f4fa44a792c81bca198f44687a1e 76350 libs optional libcupsimage2_1.2.2-0ubuntu0.6.06.11_i386.deb
 648459c3b58ddaf1fc646c8cd476e9f8 6090 libdevel optional libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_i386.deb
 d04de29dfcca09a4dc70a385e8a0766b 34768 net extra cupsys-bsd_1.2.2-0ubuntu0.6.06.11_i386.deb
 c038579fec037d50a9174ec6f30c419e 286447 raw-translations - cupsys_1.2.2-0ubuntu0.6.06.11_i386_translations.tar.gz
 0cd6a80a880688d2f58e6362540b0d50 2506978 net optional cupsys_1.2.2-0ubuntu0.6.06.11_ia64.deb
 9abaaa755d9fb23d15bb650211580331 107482 net optional cupsys-client_1.2.2-0ubuntu0.6.06.11_ia64.deb
 ece2bd95731fdd316e12f7d51ef167d6 171772 libs optional libcupsys2_1.2.2-0ubuntu0.6.06.11_ia64.deb
 10f5d26fb443ecebf85bca4c92c8955f 25754 libdevel optional libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_ia64.deb
 80e173c687fb7fcf6e91b515dbd4d009 99084 libs optional libcupsimage2_1.2.2-0ubuntu0.6.06.11_ia64.deb
 15aa3fbd227115b84ab75baf1f942736 6092 libdevel optional libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_ia64.deb
 239ae6086d25caa7b9142e2ad806155d 46572 net extra cupsys-bsd_1.2.2-0ubuntu0.6.06.11_ia64.deb
 d1adab65c88bbe9e96e7dcf516a14a82 200101 raw-translations - cupsys_1.2.2-0ubuntu0.6.06.11_ia64_translations.tar.gz
 f1a755a88fde554fdabbfb8081a88e52 2301292 net optional cupsys_1.2.2-0ubuntu0.6.06.11_powerpc.deb
 0172b346d78458df1a6cd91a371b3b67 89528 net optional cupsys-client_1.2.2-0ubuntu0.6.06.11_powerpc.deb
 6e50fa3fa4185c781551e5744331f20b 127932 libs optional libcupsys2_1.2.2-0ubuntu0.6.06.11_powerpc.deb
 21a4d908ae8de551cda885d4835d69c0 25744 libdevel optional libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_powerpc.deb
 de095980afadd9352e5d7e92600d75b5 79004 libs optional libcupsimage2_1.2.2-0ubuntu0.6.06.11_powerpc.deb
 f3e962ddc060712ed3ba78bb5625d5e4 6098 libdevel optional libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_powerpc.deb
 24cf01572a6f790296c1accba097352c 40468 net extra cupsys-bsd_1.2.2-0ubuntu0.6.06.11_powerpc.deb
 3c09fa116036cb01dac6accd33d25558 200102 raw-translations - cupsys_1.2.2-0ubuntu0.6.06.11_powerpc_translations.tar.gz
 cc47231c220e8d0e1659cf83d9e08445 1052 net optional cupsys_1.2.2-0ubuntu0.6.06.11.dsc
 403c1494b264696702f055fc5cdcc60d 102981 net optional cupsys_1.2.2-0ubuntu0.6.06.11.diff.gz
 864ab74a020db94ab2acc1283720a05c 2287588 net optional cupsys_1.2.2-0ubuntu0.6.06.11_sparc.deb
 49f458e339846bcc2eb9ffdc482de5be 78712 net optional cupsys-client_1.2.2-0ubuntu0.6.06.11_sparc.deb
 4c4f4a4faae61a0c3901c63fe58bbf26 123662 libs optional libcupsys2_1.2.2-0ubuntu0.6.06.11_sparc.deb
 8bbdc7b4842df909bdfb95b96fd9f884 25740 libdevel optional libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_sparc.deb
 759f3df1a04440d71ae6634109045bf6 76262 libs optional libcupsimage2_1.2.2-0ubuntu0.6.06.11_sparc.deb
 58c6f56f79c35af1b0ca47eaeedd7ea3 6092 libdevel optional libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_sparc.deb
 ede504cfaaf1e068c68b3fa759777098 35392 net extra cupsys-bsd_1.2.2-0ubuntu0.6.06.11_sparc.deb
 8260ffeaed09bf101095f616c81252da 200091 raw-translations - cupsys_1.2.2-0ubuntu0.6.06.11_sparc_translations.tar.gz


More information about the dapper-changes mailing list