Bug#780267: marked as done (cups-filters: CVE-2015-2265)
Your message dated Wed, 11 Mar 2015 13:33:54 +0000
with message-id <E1YVglm-00009G-DV@franck.debian.org>
and subject line Bug#780267: fixed in cups-filters 1.0.66-1
has caused the Debian Bug report #780267,
regarding cups-filters: CVE-2015-2265
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)
--
780267: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780267
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: cups-filters
Severity: grave
Tags: security
Justification: user security hole
Hi,
please see https://bugs.linuxfoundation.org/show_bug.cgi?id=1265
Cheers,
Moritz
--- End Message ---
--- Begin Message ---
Source: cups-filters
Source-Version: 1.0.66-1
We believe that the bug you reported is fixed in the latest version of
cups-filters, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 780267@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Didier Raboud <odyx@debian.org> (supplier of updated cups-filters package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 11 Mar 2015 14:05:44 +0100
Source: cups-filters
Binary: libcupsfilters1 libfontembed1 cups-filters cups-filters-core-drivers libcupsfilters-dev libfontembed-dev cups-browsed
Architecture: source
Version: 1.0.66-1
Distribution: experimental
Urgency: high
Maintainer: Debian Printing Team <debian-printing@lists.debian.org>
Changed-By: Didier Raboud <odyx@debian.org>
Description:
cups-browsed - OpenPrinting CUPS Filters - cups-browsed
cups-filters - OpenPrinting CUPS Filters - Main Package
cups-filters-core-drivers - OpenPrinting CUPS Filters - PPD-less printing
libcupsfilters-dev - OpenPrinting CUPS Filters - Development files for the library
libcupsfilters1 - OpenPrinting CUPS Filters - Shared library
libfontembed-dev - OpenPrinting CUPS Filters - Development files for font embed libr
libfontembed1 - OpenPrinting CUPS Filters - Font Embed Shared library
Closes: 780267
Changes:
cups-filters (1.0.66-1) experimental; urgency=high
.
* New 1.0.66 upstream release
- cups-browsed: SECURITY FIX: Fixed a bug in the remove_bad_chars()
failing to reliably filter out illegal characters if there are two
or more subsequent illegal characters, allowing execution of
arbitrary commands with the rights of the "lp" user, using forged
print service announcements on DNS-SD servers (Bug #1265).
(Closes: #780267, CVE-2015-2265)
- Lots of bug fixes on legacy browsing/broadcasting. Thanks to Tim Waugh
from Red Hat.
- cups-browsed: Added PPD file generator for IPP Everywhere and other
suitable IPP printers. So IPP printers set up automatically (using
"CreateIPPPrinterQueues Yes" in cups-browsed.conf) get PPD files is
possible and so printing options are sown in all print dialogs. The
dialog does not need to request option information from the printer
via IPP. Code taken from CUPS 2.1.x development branch.
.
[ Didier Raboud ]
* Update copyright years for Till's contributions
.
[ Till Kamppeter ]
* Added build dependency on libglib2.0-dev
Checksums-Sha1:
7b476374a6a924a944c5d8142f01e084b6b199d1 2724 cups-filters_1.0.66-1.dsc
ddd0386be361f72ad2e8f7851753dc89016ff7be 1335740 cups-filters_1.0.66.orig.tar.xz
d15ee51f403ac024246903c764a1dd89e5b40a6f 66332 cups-filters_1.0.66-1.debian.tar.xz
Checksums-Sha256:
decb3efc82ec0aa3d2c9ec70757ccf2aaf87231e862989a8bac49e75ff382fe5 2724 cups-filters_1.0.66-1.dsc
a46eea35d8c151f1f63c663c5dda290ba11a7f5951d48dba485a02f9146dfb1c 1335740 cups-filters_1.0.66.orig.tar.xz
f5ea531ab9f600b4142d6a601d8d6c200e11ec5498bd79f3195145e36cf9e603 66332 cups-filters_1.0.66-1.debian.tar.xz
Files:
2b26e6637725b305fc32fb0d8e4ca569 2724 net optional cups-filters_1.0.66-1.dsc
ad594ac06dfbfb02af34deb0805cab00 1335740 net optional cups-filters_1.0.66.orig.tar.xz
4f664cbd59ad01d3d826a5c9b03fe3ad 66332 net optional cups-filters_1.0.66-1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQGcBAEBCAAGBQJVAEEIAAoJEIvPpx7KFjRVXJML/1zes8LGMLVkhORhTRqKE/ki
1VqciDcapHlFHN2brecnJ3nFfMz3zmxgTgvtlNDn7nsODvwB6EDc/OPxDun5KK1U
FtAxysB5oy1umdZ6xfx9MCcfG0y36wAAkuyL5ByCzliWHWfht+YhwkxoGp89BZ0P
cawcZ6hMTF+q+faMgCB0hcUXXLTH3YNmHli5q1I3tf5Y155e4uGN5jTL6OrWM5nN
PliXnsgCi809iGC5Ucb16Fc5QSEUestoN+lgWDONDZpebak2Ua2xaBKu7JRw04Bw
sN0CRCqHKVELGf4i20CKaL5dyAe6S4TpbP29tsI+PU/czz1dfgN16nDyeymRC6td
om1G8ttPjpr3XeoIv4k4ulqmYF1LJ5ihn2+EnVM/+KUXkdDUVXbP6MiksAUsByQV
h34kq/NiwRGLDP0No4h9C/+eJIOjVCETps+OydFEzFFNYnGCBYxTGaMB7WYmxYMo
MsY7b9SZp76Uesg+McTXpqCwuMi9RV3NOFVRubyOrg==
=arzs
-----END PGP SIGNATURE-----
--- End Message ---
Reply to: