oem-qa team mailing list archive
-
oem-qa team
-
Mailing list archive
-
Message #00100
[Bug 329293] Re: Please update cupsys to the generic version for hardy to fix several security vulnerabilities
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-5183
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-5184
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-5286
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-5377
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-3639
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-3640
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-3641
--
Please update cupsys to the generic version for hardy to fix several security vulnerabilities
https://bugs.launchpad.net/bugs/329293
You received this bug notification because you are a member of OEM
Services QA, which is subscribed to The Dell Mini Project.
Status in Dell Inspiron Mini with Custom Dell UI: Triaged
Bug description:
Cupsys in hardy for the dell mini is in version 1.3.7-1ubuntu3 which is affected by several security vulnerabilities. The version in generic hardy ( 1.3.7-1ubuntu3) includes already the patches. So those should be ported to hardy for the mini.
Changelog:
cupsys (1.3.7-1ubuntu3.3) hardy-security; urgency=low
* SECURITY UPDATE: denial of service by adding a large number of RSS
subscriptions (LP: #298241)
- debian/patches/CVE-2008-5183.dpatch: gracefully handle MaxSubscriptions
being reached in scheduler/{ipp.c,subscriptions.c}.
- CVE-2008-5183
* SECURITY UPDATE: unauthorized access to RSS subscription functions in
web interface (LP: #298241)
- debian/patches/CVE-2008-5184.dpatch: make sure user is authenticated
in /cgi-bin/admin.c.
- CVE-2008-5184
* SECURITY UPDATE: arbitrary code execution via integer overflow from a PNG
image with a large height value
- This issue was introduced in the patch for CVE-2008-1722.
- debian/patches/CVE-2008-1722.dpatch: adjust patch to multiply img->xsize
instead of img->ysize so we don't overflow in filter/image-png.c.
- CVE-2008-5286
* SECURITY UPDATE: arbitrary file overwrite via temp log file symlink attack
- debian/filters/pstopdf: use the cleaned-up version from Debian.
- CVE-2008-5377
-- Marc Deslauriers <marc.deslauriers@xxxxxxxxxx> Thu, 08 Jan 2009 10:29:38 -0500
cupsys (1.3.7-1ubuntu3.2) hardy-proposed; urgency=low
* debian/rules: Install the serial backend with 0700 permissions to make it
run as root, since /dev/ttyS* are root:dialout and thus not accessible as
user "lp". (LP: #154277)
-- Martin Pitt <martin.pitt@xxxxxxxxxx> Wed, 26 Nov 2008 14:30:00 +0000
cupsys (1.3.7-1ubuntu3.1) hardy-security; urgency=low
* SECURITY UPDATE: heap-based buffer overflow due to unchecked boundary in
the SGI filter
- debian/patches/CVE-2008-3639_sgi_filter_overflow.dpatch: adjust
filter/image-sgilib.c to properly check for xsize. Taken from Debian
patch by Martin Pitt.
- STR #2918
- CVE-2008-3639
* SECURITY UPDATE: integer overflow in texttops filter which could lead
to heap-based overflow
- debian/patches/CVE-2008-3640_texttops_overflow.dpatch: adjust
textcommon.c and texttops.c to check for too large or negative page
metrics. Taken from Debian patch by Martin Pitt.
- STR #2919
- CVE-2008-3640
* SECURITY UPDATE: buffer overflow in HPGL filter which could lead to
arbitrary code execution
- debian/patches/CVE-2008-3641_hpgl_filter_overflow.dpatch: adjust
hpgl-attr.c to properly check for an invalid number of pens. Also
includes fix for regression in orginal upstream patch which changed
the color mapping and an off-by-one loop error. Taken from Debian patch
by Martin Pitt.
- STR #2911
- STR #2966
- CVE-2008-3641
-- Jamie Strandboge <jamie@xxxxxxxxxx> Tue, 14 Oct 2008 13:17:07 -0500
