[Pkg-cups-devel] r806 - in cupsys/trunk: . debian
Martin Pitt
mpitt at alioth.debian.org
Mon Jul 28 16:49:47 UTC 2008
Author: mpitt
Date: Mon Jul 28 16:49:47 2008
New Revision: 806
Log:
* Add missing CVE and more verbose descriptions to security fixes to 1.3.6-1
changelog.
- Fixes buffer overflows in filter/hpgl-input.c, possibly exploitable to
run arbitrary code with crafted HP-GL files. (CVE-2008-0053)
- Fixes double free vulnerability in process_browse_data(),
exploitable to remote DoS. (CVE-2008-0882, bug #467653)
Modified:
cupsys/trunk/ (props changed)
cupsys/trunk/debian/changelog
Modified: cupsys/trunk/debian/changelog
==============================================================================
--- cupsys/trunk/debian/changelog (original)
+++ cupsys/trunk/debian/changelog Mon Jul 28 16:49:47 2008
@@ -1,3 +1,10 @@
+cups (1.3.8-2) UNRELEASED; urgency=low
+
+ * Add missing CVE and more verbose descriptions to security fixes to 1.3.6-1
+ changelog.
+
+ -- Martin Pitt <mpitt at debian.org> Mon, 28 Jul 2008 18:48:59 +0200
+
cups (1.3.8-1) unstable; urgency=low
* New upstream release: some 20 bug fixes, no new features (see
@@ -230,7 +237,10 @@
cupsys (1.3.6-1) unstable; urgency=low
* New upstream bugfix release.
- - Fixes (CVE-2008-0882, bug #467653).
+ - Fixes buffer overflows in filter/hpgl-input.c, possibly exploitable to
+ run arbitrary code with crafted HP-GL files. (CVE-2008-0053)
+ - Fixes double free vulnerability in process_browse_data(),
+ exploitable to remote DoS. (CVE-2008-0882, bug #467653)
* Remove the following patches which are upstream now:
- fix_regression_reactivate_net_ifaces_changes_detection.dpatch
- web-interface-breaks-default-auth-setting.dpatch
More information about the Pkg-cups-devel
mailing list