-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 11 Mar 2014 14:42:08 +0100 Source: cups Binary: libcups2 libcupsimage2 libcupscgi1 libcupsdriver1 libcupsmime1 libcupsppdc1 cups cups-client libcups2-dev libcupsimage2-dev libcupscgi1-dev libcupsdriver1-dev libcupsmime1-dev libcupsppdc1-dev cups-bsd cups-common cups-ppdc cups-dbg cupsddk Architecture: source all amd64 Version: 1.4.4-7+squeeze4 Distribution: oldstable-security Urgency: high Maintainer: Debian CUPS Maintainers <pkg-cups-devel@lists.alioth.debian.org> Changed-By: Didier Raboud <odyx@debian.org> Description: cups - Common UNIX Printing System(tm) - server cups-bsd - Common UNIX Printing System(tm) - BSD commands cups-client - Common UNIX Printing System(tm) - client programs (SysV) cups-common - Common UNIX Printing System(tm) - common files cups-dbg - Common UNIX Printing System(tm) - debugging symbols cups-ppdc - Common UNIX Printing System(tm) - PPD manipulation utilities cupsddk - Common UNIX Printing System (transitional package) libcups2 - Common UNIX Printing System(tm) - Core library libcups2-dev - Common UNIX Printing System(tm) - Development files CUPS library libcupscgi1 - Common UNIX Printing System(tm) - CGI library libcupscgi1-dev - Common UNIX Printing System(tm) - Development files for CGI libra libcupsdriver1 - Common UNIX Printing System(tm) - Driver library libcupsdriver1-dev - Common UNIX Printing System(tm) - Development files driver librar libcupsimage2 - Common UNIX Printing System(tm) - Raster image library libcupsimage2-dev - Common UNIX Printing System(tm) - Development files CUPS image li libcupsmime1 - Common UNIX Printing System(tm) - MIME library libcupsmime1-dev - Common UNIX Printing System(tm) - Development files MIME library libcupsppdc1 - Common UNIX Printing System(tm) - PPD manipulation library libcupsppdc1-dev - Common UNIX Printing System(tm) - Development files PPD library Closes: 741333 Changes: cups (1.4.4-7+squeeze4) oldstable-security; urgency=high . * Backport security fix from cups-filters 1.0.47: pdftoopvp: SECURITY FIX for CVE-2013-6474, CVE-2013-6475, and CVE-2013-6476: Introduction of gmallocn and gmallocn3 to protect against arbitrary code execution with the privileges of the "lp" user via malicious PDF files. Also restrict the directory from where OPVP drivers can get loaded (Closes: #741333) Checksums-Sha1: 991c464780f8f085702683f008b5a4eef07d94d6 2583 cups_1.4.4-7+squeeze4.dsc c5a99e6fee887d6fb97792b7653c6d63e73add1a 598978 cups_1.4.4-7+squeeze4.diff.gz a781c494b64c29f77eb5b3bb7c020b3666166cd1 1344710 cups-common_1.4.4-7+squeeze4_all.deb be2f7c8583c18bd4c91acc05ade8717de7d99ab5 77216 cupsddk_1.4.4-7+squeeze4_all.deb 76a8166902712d826d605a85fc9f8b493937403d 234618 libcups2_1.4.4-7+squeeze4_amd64.deb 017fc279f256bebbd2c8abae2196c5f6b5c348e3 125918 libcupsimage2_1.4.4-7+squeeze4_amd64.deb e41e9281842c89508949546dbbcd92bc873a60d7 106096 libcupscgi1_1.4.4-7+squeeze4_amd64.deb 167ef2932e9fd109c74c8ad7a3ee49a668b1f22f 95042 libcupsdriver1_1.4.4-7+squeeze4_amd64.deb 5ee2be1e15e89e413082d4381500b9021c26ebf1 88492 libcupsmime1_1.4.4-7+squeeze4_amd64.deb 1be7a81f6cf41d145c92dee651f0503a48cd3088 132976 libcupsppdc1_1.4.4-7+squeeze4_amd64.deb ffadcf76484490d1b5c8f2063762c58e4c2a4e7e 2073536 cups_1.4.4-7+squeeze4_amd64.deb 4d601cbc1be04da6630da6691b650bc02d2ebdab 141424 cups-client_1.4.4-7+squeeze4_amd64.deb abdd15efdf82c8266a355b3052662561a512ae14 296824 libcups2-dev_1.4.4-7+squeeze4_amd64.deb c2e33e936e96142842876a0195923fe0736443b4 61182 libcupsimage2-dev_1.4.4-7+squeeze4_amd64.deb bf9499478bd28ba02844bdc52b9bce09e1189509 111540 libcupscgi1-dev_1.4.4-7+squeeze4_amd64.deb 314ba81988d07021978efe4bc388ea215971d8d0 97956 libcupsdriver1-dev_1.4.4-7+squeeze4_amd64.deb afd1ed666b83343a1af2c84c3559e75034d3e598 89094 libcupsmime1-dev_1.4.4-7+squeeze4_amd64.deb 407dbaf380c294a8411ed924697c44a3bc81dcd2 151040 libcupsppdc1-dev_1.4.4-7+squeeze4_amd64.deb dab1db0e0ae424ee46cac205b803778190eebe44 46578 cups-bsd_1.4.4-7+squeeze4_amd64.deb 6ecb60cbf936469c5d832bbbecca12ee990428cd 107404 cups-ppdc_1.4.4-7+squeeze4_amd64.deb 617056e1463d5570c3a4a1f2f84a679570159344 98208 cups-dbg_1.4.4-7+squeeze4_amd64.deb Checksums-Sha256: 23129a40cc4686396c1adc21402643327325be9d217925a4d76fc715f68224d8 2583 cups_1.4.4-7+squeeze4.dsc 53ebf7854cc5ff3c3cb292236d73833f1ae9e8ce959608219eb09f76feb574ff 598978 cups_1.4.4-7+squeeze4.diff.gz 1dfce6447a565fe9f2ee018aea42d669a4faed60d4504a66a74cf2a499f023f1 1344710 cups-common_1.4.4-7+squeeze4_all.deb b5e83b5e0b266e6c531b50db9c5b939435b3f66c6cb19bb9f60ef4ed5b2ddd42 77216 cupsddk_1.4.4-7+squeeze4_all.deb 1a69db79af3000893234db41f2f5837cdf28d5a160628557957e00267e89c848 234618 libcups2_1.4.4-7+squeeze4_amd64.deb 98258db73570e666b6bb03c8878278c383981ebdbc64f9bf725274fc8fddcd0b 125918 libcupsimage2_1.4.4-7+squeeze4_amd64.deb 9f3b3dea295259134b2f86d6f4b1bd6c927c92e0387c27cad26a2dd77c648df2 106096 libcupscgi1_1.4.4-7+squeeze4_amd64.deb db543320c8149d7ad9ef2c1389d1656d8979d4b09e5890e84b8fb835936a58db 95042 libcupsdriver1_1.4.4-7+squeeze4_amd64.deb afec5177ab56642a4b7107875d47b1db848cfc763fe9997aa78b7c81f57d36fe 88492 libcupsmime1_1.4.4-7+squeeze4_amd64.deb 2b74f2a47a1ab2b2cb307981e6c362c28516102f5c8641ad53991f36ba57e8be 132976 libcupsppdc1_1.4.4-7+squeeze4_amd64.deb f7352f599f2070915c129818bc15c775e81b93aa07accea05217f109c4247c30 2073536 cups_1.4.4-7+squeeze4_amd64.deb 134d399c9fc840747ee5cbe0dd742f741bb8cb4df63ff8c58a295906604d761b 141424 cups-client_1.4.4-7+squeeze4_amd64.deb 77e1886d176428726f336d2ee6977d3347147b6698cac30c48764e18668b7d20 296824 libcups2-dev_1.4.4-7+squeeze4_amd64.deb cb62eea58d892c65c9dee3ec3cbef80c4dd889f29bc3be899c6e85cfc9a3363d 61182 libcupsimage2-dev_1.4.4-7+squeeze4_amd64.deb 544a1b769b86ad4ad88a005e1b7fea766e9573e130c986d8f88bf2a8a7f741ad 111540 libcupscgi1-dev_1.4.4-7+squeeze4_amd64.deb 16ddc3ed3447dc28281ed254c9954e636c4752897b06e9705019b73a5e73d18e 97956 libcupsdriver1-dev_1.4.4-7+squeeze4_amd64.deb 7943e908f0c50622a323d3d46ed49dbd8e58252e6da02556f06c6e8cbf0937b4 89094 libcupsmime1-dev_1.4.4-7+squeeze4_amd64.deb 8760faa029d431fbe3075c2a57b1166869a02aea1e8815f4f8ab2b0befb36e4f 151040 libcupsppdc1-dev_1.4.4-7+squeeze4_amd64.deb 4972722c5728012ef5664d51f2d0d11606801df8b74679473ece52396c88c2ad 46578 cups-bsd_1.4.4-7+squeeze4_amd64.deb 70ebf9f5d5da8a13f3bec6789826f62a2c715f776818e76d2dab26b95f6f4845 107404 cups-ppdc_1.4.4-7+squeeze4_amd64.deb 01a690102a97abb8598bc5de0c4851d8f67b022ad9d65b48d8cff72c7889e160 98208 cups-dbg_1.4.4-7+squeeze4_amd64.deb Files: 7f777e5ddbda6ed0590bdd93987cc976 2583 net optional cups_1.4.4-7+squeeze4.dsc 47b8212e8e368c40e2f1d07d951d4a97 598978 net optional cups_1.4.4-7+squeeze4.diff.gz 99f96c7421328396a08e6479be73454a 1344710 net optional cups-common_1.4.4-7+squeeze4_all.deb 8c7cd4335ea66630040cae7cc9fd3775 77216 oldlibs extra cupsddk_1.4.4-7+squeeze4_all.deb 1892c64eefe2a412bb9dc2100770633e 234618 libs optional libcups2_1.4.4-7+squeeze4_amd64.deb 484ea64392c191eb602955672f76e0c5 125918 libs optional libcupsimage2_1.4.4-7+squeeze4_amd64.deb c7c411729b577522a15de00eed5f8806 106096 libs optional libcupscgi1_1.4.4-7+squeeze4_amd64.deb c9e2302c22be2f0030e3fac7b8695db6 95042 libs optional libcupsdriver1_1.4.4-7+squeeze4_amd64.deb 6a02bb437587aa2281c18c3c450d104a 88492 libs optional libcupsmime1_1.4.4-7+squeeze4_amd64.deb 96c61ff9e4d8d2bea779a30fe6848a66 132976 libs optional libcupsppdc1_1.4.4-7+squeeze4_amd64.deb 2af40a17a3d869e4fa5d0cd3ad6753ff 2073536 net optional cups_1.4.4-7+squeeze4_amd64.deb 121393e3a90e5f2e32c61fdf634363c2 141424 net optional cups-client_1.4.4-7+squeeze4_amd64.deb 6912247fe6b37183a8057e0ee134cc74 296824 libdevel optional libcups2-dev_1.4.4-7+squeeze4_amd64.deb 1e7337eedbe439cf11d4586958a869eb 61182 libdevel optional libcupsimage2-dev_1.4.4-7+squeeze4_amd64.deb e3fd656eb78b81ba00a0ca35f899b181 111540 libdevel optional libcupscgi1-dev_1.4.4-7+squeeze4_amd64.deb 5ec9ab559b6e94ca92880f1866fb159e 97956 libdevel optional libcupsdriver1-dev_1.4.4-7+squeeze4_amd64.deb 32e6ac24afa5618626da6e20ce87453c 89094 libdevel optional libcupsmime1-dev_1.4.4-7+squeeze4_amd64.deb a771a0044b476e8781f0dc8d8cdd0f4f 151040 libdevel optional libcupsppdc1-dev_1.4.4-7+squeeze4_amd64.deb 23fd1d2162f8f4fb4631b6ac4939e637 46578 net extra cups-bsd_1.4.4-7+squeeze4_amd64.deb 03ce4579dd3720ac4e288172d546f909 107404 net optional cups-ppdc_1.4.4-7+squeeze4_amd64.deb 6713a0fbc41977275490f0ca365f920b 98208 debug extra cups-dbg_1.4.4-7+squeeze4_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iQGcBAEBCAAGBQJTHxr6AAoJEIvPpx7KFjRV9YkMAIvm3VvS4MsnQWpDi6IA6tDi qwLaq60E4CLJKYaLS8sWLrCTMZbGBr6695x/CgD9O9QwmSJvA0IOqqMMhe1nhlxO tUq8HxYT+m/nlk2u1jtjMovXtmbQw1ntvWaG1TFmFFWe8y/Ihdq8ic563D+y5waB fA90wf8z45HzTG/OPxHjIMzeK1B+DbZUNTW1UFg08hZm8umN1FEvF9N/U6V0vYZg YIZAGuoN8h6hLTxY4+M+G8y6A4vmje5FnK2c6NoksgksrK4z/DHQVMfy0epxKb7/ /fEQF4UtrLw6S9oXuqdnTmNag9td/wQl0iosPYJQrJ8P0nVBUeFLInif1Hk1THik FmDBhe1gejnn5r6rRYq6YJhfrfq849iPTR0SspCGbhSOelBCy5kCjvpkSA88Na2i TlYKyIjIVpMQwTF6YltkT1LgOGkyjifsV9HrtnqjFJXTNDN8PktsQNaIwzWQZRpJ Me3QRh0yUh4BBw03Tw/eRYqcoyfwd4vb84SyLMxd1Q== =uEVL -----END PGP SIGNATURE-----