oem-qa team mailing list archive

[feranick <feranick@xxxxxxxxxxx>]

*** This bug is a security vulnerability ***

Public security bug reported:

Cupsys has been update to version (1.3.7-1ubuntu3.5) in generic hardy to
fix a security vulnerability. The same patch should be applied to hardy
for the mini (cupsys in version 1.3.7-1ubuntu3.4).

cupsys (1.3.7-1ubuntu3.5) hardy-security; urgency=low

  * SECURITY UPDATE: Remote denial-of-service via IPP_TAG_UNSUPPORTED tags.
    - debian/patches/CVE-2009-0949.dpatch: make sure the name field exists
      in scheduler/ipp.c.
    - CVE-2009-0949

** Affects: dell-mini
     Importance: Undecided
         Status: New

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-0949

** This bug has been flagged as a security vulnerability

-- 
Please update cusys to fix security vulnerability
https://bugs.launchpad.net/bugs/383334
You received this bug notification because you are a member of OEM
Services QA, which is subscribed to The Dell Mini Project.

Status in Dell Inspiron Mini with Custom Dell UI: New

Bug description:
Cupsys has been update to version (1.3.7-1ubuntu3.5) in generic hardy to fix a security vulnerability. The same patch should be applied to hardy for the mini (cupsys in version 1.3.7-1ubuntu3.4).

cupsys (1.3.7-1ubuntu3.5) hardy-security; urgency=low

  * SECURITY UPDATE: Remote denial-of-service via IPP_TAG_UNSUPPORTED tags.
    - debian/patches/CVE-2009-0949.dpatch: make sure the name field exists
      in scheduler/ipp.c.
    - CVE-2009-0949