Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-lts-changes@lists.debian.org> , <dispatch@tracker.debian.org>
Subject: Accepted cups-filters 1.28.7-1+deb11u4 (source) into oldoldstable-security
Date: Tue, 25 Nov 2025 14:30:20 +0000
Signed by: Thorsten Alteholz <alteholz@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 20 Nov 2025 10:45:05 +0100
Source: cups-filters
Architecture: source
Version: 1.28.7-1+deb11u4
Distribution: bullseye-security
Urgency: high
Maintainer: Debian Printing Team <debian-printing@lists.debian.org>
Changed-By: Thorsten Alteholz <debian@alteholz.de>
Closes: 1120698 1120704
Changes:
 cups-filters (1.28.7-1+deb11u4) bullseye-security; urgency=high
 .
   * CVE-2025-64503
     fix an out of bounds write vulnerability when processing crafted
     PDF files containing a large 'Mediabox' value.
     (Closes: #1120698)
 .
   * CVE-2025-57812
     fix an out of bounds read/write vulnerability in the processing
     of TIFF image files.
     (Closes: #1120704)
 .
   * CVE-2025-64524
     fix infinite loop with crafted input raster file, that resuls
     into a heap buffer overflow
Checksums-Sha1:
 11b637815090a4cd682e40ff4ae74568d10f3993 3042 cups-filters_1.28.7-1+deb11u4.dsc
 b4096e5aa17d8e398b5cc352490476175af508fd 1503052 cups-filters_1.28.7.orig.tar.xz
 df43ba8aa23f443cf655403a8a3968a27a54d0a4 87956 cups-filters_1.28.7-1+deb11u4.debian.tar.xz
 adeae02f075570b06d6d46eb233435f32ec30e85 14507 cups-filters_1.28.7-1+deb11u4_amd64.buildinfo
Checksums-Sha256:
 f8f60d931ac681b2c3831ad5f7dfe5d8440a34362106d3a29a03175db7db11ee 3042 cups-filters_1.28.7-1+deb11u4.dsc
 e4150902809c58dfff7089c9345f196ecd88e38bce2be4800fa4811a0902057d 1503052 cups-filters_1.28.7.orig.tar.xz
 8a32c78f29f19c126675cd2a1cab785ec3de2c30e082d092f50b0004f5309b07 87956 cups-filters_1.28.7-1+deb11u4.debian.tar.xz
 42594424682778af2918dc5216e29dade2fc1bc18b320649edc1c2aa4c10bec0 14507 cups-filters_1.28.7-1+deb11u4_amd64.buildinfo
Files:
 53463568ebbfa5eabd8b8b752e66cf61 3042 net optional cups-filters_1.28.7-1+deb11u4.dsc
 2efeed97e11ea5e157c5f4f2e0780fe7 1503052 net optional cups-filters_1.28.7.orig.tar.xz
 08e00c5121a8c3855a1bcddfbfc14250 87956 net optional cups-filters_1.28.7-1+deb11u4.debian.tar.xz
 4293ae93bdc0c5682f8543aae4448268 14507 net optional cups-filters_1.28.7-1+deb11u4_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKnBAEBCgCRFiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmklutJfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcTHGRlYmlhbkBh
bHRlaG9sei5kZQAKCRCW/KwNOHtYRw6JEAC5KG+8Uys0OYk6x1Ton8iiGI7cRsY+
3Uty+DD/1rQCiiJf59+mwmos3kc6e+Rg5S58P5F5Krn14qb7n7eEJr/vmWe76Eze
S/cBWph4rttnVVDAua7JHKT4Isi08SZxwgTkh7jDVrqc+HWERWRjmtNEX8j54TkH
MkvlkgqD8Wx2Vbfvtm8XtV1BP0otC8DhwRAmsRE7egi2rMw0y2iFgGfdDAprowlw
yHmCQ0L//v+7gHGu9+/WxBU8eSJg/6FhffdkcpdUkrvmCNpz1P2kbolVGcEtm6GL
O8+g0W0lgGRc1vmTAJlFQccYmqEnVT0cWaGAUOo+2MWNtHE7oVy9Yg6EeZLMXWdA
AZ0T/gBNn3qz8fl2ZnEM1W/ZFdW1euEQ+2AlM2uLKcfGc9NiqDwe+yH58qsMUMbv
L4B+g43YgP42WORpXZ4yRJMPw66KTOkxscpeDTmtrGlKTYoZcRzm4RDIUWnPXvr/
LB8Jl7YIICjdbJUR3HKkl8PLQFQotDEZde8xszQEMhhgBYEAB+whh7EwL31DcyTs
eX5l6gN3clj24Dlra4aps/Tz9R8uJyxus0dca5r+HzVeEhlkf0sA0EE5LzlZ6T3M
EcHGPYOl+qFWAYwomg6kZUO4fDsII7Kn3SaIoo7LEo7M7UG9Wa7ck48NFUyYlO4w
Iix4BfYuBOsn/w==
=TIDR
-----END PGP SIGNATURE-----

News for package cups-filters