-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sat, 04 Apr 2009 05:59:15 -0700 Source: cups Binary: libcups2 libcupsimage2 cups cups-client libcups2-dev libcupsimage2-dev cups-bsd cups-common cups-dbg cupsys cupsys-client cupsys-common cupsys-bsd cupsys-dbg libcupsys2 libcupsys2-dev Architecture: source all i386 Version: 1.3.8-1lenny5 Distribution: stable-security Urgency: low Maintainer: Debian CUPS Maintainers <pkg-cups-devel@lists.alioth.debian.org> Changed-By: Martin Pitt <mpitt@debian.org> Description: cups - Common UNIX Printing System(tm) - server cups-bsd - Common UNIX Printing System(tm) - BSD commands cups-client - Common UNIX Printing System(tm) - client programs (SysV) cups-common - Common UNIX Printing System(tm) - common files cups-dbg - Common UNIX Printing System(tm) - debugging symbols cupsys - Common UNIX Printing System (transitional package) cupsys-bsd - Common UNIX Printing System (transitional package) cupsys-client - Common UNIX Printing System (transitional package) cupsys-common - Common UNIX Printing System (transitional package) cupsys-dbg - Common UNIX Printing System (transitional package) libcups2 - Common UNIX Printing System(tm) - libs libcups2-dev - Common UNIX Printing System(tm) - development files libcupsimage2 - Common UNIX Printing System(tm) - image libs libcupsimage2-dev - Common UNIX Printing System(tm) - image development files libcupsys2 - Common UNIX Printing System (transitional package) libcupsys2-dev - Common UNIX Printing System (transitional package) Closes: 516945 Changes: cups (1.3.8-1lenny5) stable-security; urgency=low . * Add CVE-2009-0163_tiff_read_overflow.dpatch: Fix integer overflow induced heap buffer overflow in the _cupsImageReadTIFF() function. Discovered by iDefense. (CVE-2009-0163) * debian/rules: Remove group/other read permissions from the serial backend, so that it can run as root and thus is actually able to access /dev/ttyS*. In unstable this is fixed with a patch which relaxes the permissions checks, but that's too intrusive for a stable update. (Closes: #516945) Checksums-Sha1: db03331356eeefbb551622f921cc390327812469 1833 cups_1.3.8-1lenny5.dsc 7e8b6b8814a890228a4878bb528fca9683e2e04b 4796827 cups_1.3.8.orig.tar.gz a93a1ffe93c477b11658c8ce97667faadddab57c 184239 cups_1.3.8-1lenny5.diff.gz 8d698d015d8448fbd29c0c7e429e68ea45a19b05 1175160 cups-common_1.3.8-1lenny5_all.deb ef5a5e59c1ab7bb76f37d8f442c5e107f519c7de 52032 cupsys_1.3.8-1lenny5_all.deb 3726e24a57256629da4b43515550a30c0cb59ea6 52056 cupsys-client_1.3.8-1lenny5_all.deb 44f5bbc7a18a6fa2ec0a53394fd556d8b953e966 52058 cupsys-common_1.3.8-1lenny5_all.deb 0c00575acc3d92c7684272e1b3066c64a89cc522 52054 cupsys-bsd_1.3.8-1lenny5_all.deb 73c980ab92be9c7a0766bbdb397845bedaea1ecd 52046 cupsys-dbg_1.3.8-1lenny5_all.deb 75e9b8254adf13c9000b2721024eae4d1c90a23b 52048 libcupsys2_1.3.8-1lenny5_all.deb 3011f02b8adc049cec590971a61781a9ce98ae7d 52060 libcupsys2-dev_1.3.8-1lenny5_all.deb 7d683148bf5f500ebff5ff9d6a442546ef3967e1 164434 libcups2_1.3.8-1lenny5_i386.deb 4eb2f6731dc4b34b21536091626952caa092c827 99120 libcupsimage2_1.3.8-1lenny5_i386.deb 2b461436352ecf5eb2cdfc1c45a6b9d926077664 2047160 cups_1.3.8-1lenny5_i386.deb 4b8139e0a9383c22ecee066a20fc78352b9541a5 114848 cups-client_1.3.8-1lenny5_i386.deb 7a4df19c8b9630803a6aa2b1277a4ef0d83a0929 394064 libcups2-dev_1.3.8-1lenny5_i386.deb b95cb541c6d1e9c81c648599d70589c9a4e7c487 60434 libcupsimage2-dev_1.3.8-1lenny5_i386.deb 5debc084a19598d7f47acf802db034298f7e38b0 36484 cups-bsd_1.3.8-1lenny5_i386.deb efbc6faedc313657a9e302c28bb3e94b91e015d2 1085470 cups-dbg_1.3.8-1lenny5_i386.deb Checksums-Sha256: d4eda1df474ffec91064c977e65ac18c8a99f638ee70295a302a3786e7955ba7 1833 cups_1.3.8-1lenny5.dsc 7ecf2d1bc70d118cd0feaa3f91a4c9f90d4ce8357b04ea16ee41163165549cab 4796827 cups_1.3.8.orig.tar.gz 900a581a82d5ced5bbbcfffc2b1d5ff138165c1da912bbe235a6831317d81671 184239 cups_1.3.8-1lenny5.diff.gz 6be60405ad8fe11487ac88a844298715e9e49a6e7bfc6e081975fb05ccbddc6e 1175160 cups-common_1.3.8-1lenny5_all.deb 194ec86c79c3bc9706a187cb9df52820a2bd48164709af88adfee2a80c5dbe49 52032 cupsys_1.3.8-1lenny5_all.deb b6a2a07ad8ec9bedcd41b761d78fa506a7a2dd1b033f0d042ec401edf59517ca 52056 cupsys-client_1.3.8-1lenny5_all.deb 7a8ebb78af0f88bbbc1587f0226a17e911592b3cf490243caa594db765609337 52058 cupsys-common_1.3.8-1lenny5_all.deb d9467008fed05ca34db2bdff152b4921a03163d6f1609dd805d84a87bd045c3f 52054 cupsys-bsd_1.3.8-1lenny5_all.deb 26346879ad495fec7f7ef70d84981f99ff9cce0e35320a9ac3d986cd87aa189d 52046 cupsys-dbg_1.3.8-1lenny5_all.deb e00e7f5050d77f98d258b46dd15132552a0f1f28d209fcb526e0d993f7e4ab8c 52048 libcupsys2_1.3.8-1lenny5_all.deb b9bd4750e2029f840e049e0bd4c9bedf24767c943cd14b5d53114d0e17833b55 52060 libcupsys2-dev_1.3.8-1lenny5_all.deb 9fb39a8123c5cb173f7da5ab5295a4e0c392b10747fff3296b0e076c7f366e9e 164434 libcups2_1.3.8-1lenny5_i386.deb b9cffa5b2c4ce0f9f5f76c67cf4ac858cf985500006466f29af77535ef9b2396 99120 libcupsimage2_1.3.8-1lenny5_i386.deb 0f690e113775bdf401f072277e886a123babfdabf6dfb55a1f499747d685eb6d 2047160 cups_1.3.8-1lenny5_i386.deb bfc5a77a6f5451136f6f21411488fe85b60be804582e695b0b74657585f768fc 114848 cups-client_1.3.8-1lenny5_i386.deb 8dbfaa94c329fc75857928d30f50efd0d48d70b2aa782a8c529eb4256e16f96f 394064 libcups2-dev_1.3.8-1lenny5_i386.deb a30f012d79f8da53b4afb07777dfe619759146b84b7be8ef34bdb5e669465c56 60434 libcupsimage2-dev_1.3.8-1lenny5_i386.deb 43c3bdb04c15613bef6853c33688521a7a05ae3fa2f462c29856172b147bc08d 36484 cups-bsd_1.3.8-1lenny5_i386.deb 4b0a4380499aacb4e315cb9a22c698cd5880eaeed60fa5a1fdb2fe3af56a26e0 1085470 cups-dbg_1.3.8-1lenny5_i386.deb Files: 4c8778e239a30fb22d2f183c32c698f9 1833 net optional cups_1.3.8-1lenny5.dsc 10efe9825c1a1dcd325be47a6cc21faf 4796827 net optional cups_1.3.8.orig.tar.gz dd404146b1e9f016cc820f7892ed17c7 184239 net optional cups_1.3.8-1lenny5.diff.gz 462411771388eea81dcd9fe87fcadb76 1175160 net optional cups-common_1.3.8-1lenny5_all.deb 57858f41f804dcef4a205c71c8fafeb9 52032 oldlibs extra cupsys_1.3.8-1lenny5_all.deb fad269c06612a3e92372fb572997a75a 52056 oldlibs extra cupsys-client_1.3.8-1lenny5_all.deb 2b8c19ea46398861298325493814b2bc 52058 oldlibs extra cupsys-common_1.3.8-1lenny5_all.deb 7b1cbcef31f0acef816e190274d4cd73 52054 oldlibs extra cupsys-bsd_1.3.8-1lenny5_all.deb 19e750bfebc597b8936ae1d23a38b2ee 52046 oldlibs extra cupsys-dbg_1.3.8-1lenny5_all.deb da9cfa78d4fccba4d4587186e4e91583 52048 oldlibs extra libcupsys2_1.3.8-1lenny5_all.deb baf9cc46db611665cb4a36c043a809e4 52060 oldlibs extra libcupsys2-dev_1.3.8-1lenny5_all.deb 8a9cc5328a01e96fb99a5c8dd7790626 164434 libs optional libcups2_1.3.8-1lenny5_i386.deb 5ea77d549d9e0d8ca64a6bdce863b262 99120 libs optional libcupsimage2_1.3.8-1lenny5_i386.deb 55f3b312558a1687931b74f55ef81dee 2047160 net optional cups_1.3.8-1lenny5_i386.deb a4aed79f9fd271ca06be97fdd0c9097b 114848 net optional cups-client_1.3.8-1lenny5_i386.deb 07dcad9401a227e62ac1d4e2d15bba4e 394064 libdevel optional libcups2-dev_1.3.8-1lenny5_i386.deb 8c4f67ff8e3163e1aa24053c4f746a37 60434 libdevel optional libcupsimage2-dev_1.3.8-1lenny5_i386.deb 9dbfecd141e6674f8c4c12a7cc472e6e 36484 net extra cups-bsd_1.3.8-1lenny5_i386.deb 6b05ce29e166358a0e33c440baf8a0eb 1085470 libdevel extra cups-dbg_1.3.8-1lenny5_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAknYIRYACgkQDecnbV4Fd/KUGQCdEhIyOhm1O+f0ZrCQfdkuPjXL KVYAnjod7Bw7QtBeOF2dmeMI0F02BFnK =bNJS -----END PGP SIGNATURE----- Accepted: cups-bsd_1.3.8-1lenny5_i386.deb to pool/main/c/cups/cups-bsd_1.3.8-1lenny5_i386.deb cups-client_1.3.8-1lenny5_i386.deb to pool/main/c/cups/cups-client_1.3.8-1lenny5_i386.deb cups-common_1.3.8-1lenny5_all.deb to pool/main/c/cups/cups-common_1.3.8-1lenny5_all.deb cups-dbg_1.3.8-1lenny5_i386.deb to pool/main/c/cups/cups-dbg_1.3.8-1lenny5_i386.deb cups_1.3.8-1lenny5.diff.gz to pool/main/c/cups/cups_1.3.8-1lenny5.diff.gz cups_1.3.8-1lenny5.dsc to pool/main/c/cups/cups_1.3.8-1lenny5.dsc cups_1.3.8-1lenny5_i386.deb to pool/main/c/cups/cups_1.3.8-1lenny5_i386.deb cupsys-bsd_1.3.8-1lenny5_all.deb to pool/main/c/cups/cupsys-bsd_1.3.8-1lenny5_all.deb cupsys-client_1.3.8-1lenny5_all.deb to pool/main/c/cups/cupsys-client_1.3.8-1lenny5_all.deb cupsys-common_1.3.8-1lenny5_all.deb to pool/main/c/cups/cupsys-common_1.3.8-1lenny5_all.deb cupsys-dbg_1.3.8-1lenny5_all.deb to pool/main/c/cups/cupsys-dbg_1.3.8-1lenny5_all.deb cupsys_1.3.8-1lenny5_all.deb to pool/main/c/cups/cupsys_1.3.8-1lenny5_all.deb libcups2-dev_1.3.8-1lenny5_i386.deb to pool/main/c/cups/libcups2-dev_1.3.8-1lenny5_i386.deb libcups2_1.3.8-1lenny5_i386.deb to pool/main/c/cups/libcups2_1.3.8-1lenny5_i386.deb libcupsimage2-dev_1.3.8-1lenny5_i386.deb to pool/main/c/cups/libcupsimage2-dev_1.3.8-1lenny5_i386.deb libcupsimage2_1.3.8-1lenny5_i386.deb to pool/main/c/cups/libcupsimage2_1.3.8-1lenny5_i386.deb libcupsys2-dev_1.3.8-1lenny5_all.deb to pool/main/c/cups/libcupsys2-dev_1.3.8-1lenny5_all.deb libcupsys2_1.3.8-1lenny5_all.deb to pool/main/c/cups/libcupsys2_1.3.8-1lenny5_all.deb