[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: squeeze update of cups?

Le vendredi, 27 février 2015, 04.39:08 Ben Hutchings a écrit :
> On Fri, 2015-02-27 at 03:17 +0000, Ben Hutchings wrote:
> > This does not fix the bug!
> I cherry-picked git commit 6c087a72a0708bcb7929955c75770ee364755c42
> ("Add some range checking (probably more to come) to avoid divide-by-0
> errors."), after which the critical hunk of the patch for
> CVE-2014-9679 applied cleanly.  With Didier's original patch,
>     zcat bogus.raster.gz | rastertohp foo bar baz 1 ''
> still crashes (segmentation fault).  With the two patches applied, it
> fails cleanly (no pages found).  I was still able to print a test page
> (though I'm not certain that this uses the raster filter code in my
> configuration).
> So I've uploaded with those two patches applied.

Thanks! I've now updated the VCS with your patches.



Attachment: signature.asc
Description: This is a digitally signed message part.

Reply to: