Bug#448866: [CVE-2007-4351] CUPS IPP Tags Memory Corruption Vulnerability

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#448866: [CVE-2007-4351] CUPS IPP Tags Memory Corruption Vulnerability
From: Daniel Leidert <daniel.leidert@wgdd.de>
Date: Thu, 01 Nov 2007 15:19:44 +0100
Message-id: <[🔎] 20071101141944.13213.36764.reportbug@localhost>
Reply-to: Daniel Leidert <daniel.leidert@wgdd.de>, 448866@bugs.debian.org

Package: cupsys
Version: 1.3.2-1
Severity: important

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Secunia published a vulnerability report for Cups 1.3.3 (but older
versions may be affected too). The complete report is at
http://secunia.com/secunia_research/2007-76/advisory. Version 1.3.4
should already contain the fix.

Please check, if Etch is affected too.

Regards, Daniel


- -- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (850, 'unstable'), (700, 'testing'), (550, 'stable'), (110, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.21.5 (PREEMPT)
Locale: LANG=de_DE, LC_CTYPE=de_DE (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/bash

Versions of packages cupsys depends on:
ii  adduser            3.105                 add and remove users and groups
ii  cupsys-common      1.3.2-1               Common UNIX Printing System(tm) - 
ii  debconf [debconf-2 1.5.16                Debian configuration management sy
ii  ghostscript [gs-es 8.61.dfsg.1~svn8187-2 The GPL Ghostscript PostScript/PDF
ii  gs-esp             8.61.dfsg.1~svn8187-2 Transitional package
ii  libavahi-compat-li 0.6.21-2              Avahi Apple Bonjour compatibility 
ii  libc6              2.6.1-6               GNU C Library: Shared libraries
ii  libcupsimage2      1.3.2-1               Common UNIX Printing System(tm) - 
ii  libcupsys2         1.3.2-1               Common UNIX Printing System(tm) - 
ii  libdbus-1-3        1.1.1-3               simple interprocess messaging syst
ii  libgnutls13        2.0.1-1               the GNU TLS library - runtime libr
ii  libkrb53           1.6.dfsg.3~beta1-2    MIT Kerberos runtime libraries
ii  libldap2           2.1.30.dfsg-13.5      OpenLDAP libraries
ii  libpam0g           0.99.7.1-5            Pluggable Authentication Modules l
ii  libpaper1          1.1.23                library for handling paper charact
ii  libslp1            1.2.1-7               OpenSLP libraries
ii  lsb-base           3.1-24                Linux Standard Base 3.1 init scrip
ii  perl-modules       5.8.8-11.1            Core Perl modules
ii  procps             1:3.2.7-5             /proc file system utilities
ii  ssl-cert           1.0.14                Simple debconf wrapper for openssl
ii  xpdf-utils [popple 3.02-1.2              Portable Document Format (PDF) sui

Versions of packages cupsys recommends:
ii  cups-pdf              2.4.6-4            PDF printer for CUPS
ii  cupsys-client         1.3.2-1            Common UNIX Printing System(tm) - 
ii  foomatic-filters      3.0.2-20061031-1.2 linuxprinting.org printer support 
ii  smbclient             3.0.26a-1          a LanManager-like simple client fo

- -- debconf information excluded

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHKeCAm0bx+wiPa4wRAi7dAKCN/KXeC/Twd8tSBLqcf9SjxbxQwQCfYJmz
VcZS6jbuulJGnL5rKNHoDd0=
=/fQA
-----END PGP SIGNATURE-----

Reply to:

Follow-Ups:
- Bug#448866: marked as done ([CVE-2007-4351] CUPS IPP Tags Memory Corruption Vulnerability)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Next by Date: Processed: severity of 448866 is grave
Next by thread: Bug#448866: marked as done ([CVE-2007-4351] CUPS IPP Tags Memory Corruption Vulnerability)
Index(es):
- Date
- Thread