[ubuntu/dapper-security] cupsys_1.2.2-0ubuntu0.6.06.15_powerpc_translations.tar.gz, cupsys_1.2.2-0ubuntu0.6.06.15_hppa_translations.tar.gz, cupsys_1.2.2-0ubuntu0.6.06.15_ia64_translations.tar.gz, cupsys_1.2.2-0ubuntu0.6.06.15_sparc_translations.tar.gz, cupsys_1.2.2-0ubuntu0.6.06.15_amd64_translations.tar.gz, cupsys, cupsys_1.2.2-0ubuntu0.6.06.15_i386_translations.tar.gz 1.2.2-0ubuntu0.6.06.15 (Accepted)

Ubuntu Installer archive at ubuntu.com
Tue Nov 10 15:06:10 GMT 2009


cupsys (1.2.2-0ubuntu0.6.06.15) dapper-security; urgency=low

  * SECURITY UPDATE: XSS and CRLF injection in headers
    - debian/patches/83_CVE-2009-2820.dpatch: Introduce cgiClearVariables()
      in cgi-bin/{var.c,cgi.h}. Clear out variables in
      cgi-bin/{classes,help,ipp-var,jobs,printers}.c. Encode URL string and
      clear out variables in cgi-bin/admin.c. Filter more characters in
      cgi-bin/template.c.
    - CVE-2009-2820

Date: Fri, 30 Oct 2009 21:40:07 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Debian CUPS Maintainers <pkg-cups-devel at lists.alioth.debian.org>
https://launchpad.net/ubuntu/dapper/+source/cupsys/1.2.2-0ubuntu0.6.06.15
-------------- next part --------------
Format: 1.7
Date: Fri, 30 Oct 2009 21:40:07 -0400
Source: cupsys
Binary: cupsys-bsd libcupsys2-dev libcupsys2 cupsys libcupsys2-gnutls10 libcupsimage2-dev libcupsimage2 cupsys-client
Architecture: source
Version: 1.2.2-0ubuntu0.6.06.15
Distribution: dapper-security
Urgency: low
Maintainer: Debian CUPS Maintainers <pkg-cups-devel at lists.alioth.debian.org>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 cupsys     - Common UNIX Printing System(tm) - server
 cupsys-bsd - Common UNIX Printing System(tm) - BSD commands
 cupsys-client - Common UNIX Printing System(tm) - client programs (SysV)
 libcupsimage2 - Common UNIX Printing System(tm) - image libs
 libcupsimage2-dev - Common UNIX Printing System(tm) - image development files
 libcupsys2 - Common UNIX Printing System(tm) - libs
 libcupsys2-dev - Common UNIX Printing System(tm) - development files
 libcupsys2-gnutls10 - Common UNIX Printing System(tm) - dummy libs for transition
Changes: 
 cupsys (1.2.2-0ubuntu0.6.06.15) dapper-security; urgency=low
 .
   * SECURITY UPDATE: XSS and CRLF injection in headers
     - debian/patches/83_CVE-2009-2820.dpatch: Introduce cgiClearVariables()
       in cgi-bin/{var.c,cgi.h}. Clear out variables in
       cgi-bin/{classes,help,ipp-var,jobs,printers}.c. Encode URL string and
       clear out variables in cgi-bin/admin.c. Filter more characters in
       cgi-bin/template.c.
     - CVE-2009-2820
Files: 
 87fa569bd9079b3f9ae30a7f5b1f3ed8 1060 net optional cupsys_1.2.2-0ubuntu0.6.06.15.dsc
 87e69cec16a6ce946d9596058c0261d1 104771 net optional cupsys_1.2.2-0ubuntu0.6.06.15.diff.gz


More information about the dapper-changes mailing list