-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 30 Mar 2014 12:43:56 +0200 Source: a2ps Binary: a2ps Architecture: source amd64 Version: 1:4.14-1.1+deb7u1 Distribution: wheezy-security Urgency: high Maintainer: Masayuki Hatta (mhatta) <mhatta@debian.org> Changed-By: Salvatore Bonaccorso <carnil@debian.org> Description: a2ps - GNU a2ps - 'Anything to PostScript' converter and pretty-printer Closes: 737385 742902 Changes: a2ps (1:4.14-1.1+deb7u1) wheezy-security; urgency=high . * Non-maintainer upload by the Security Team. * Add 09_CVE-2001-1593.dpatch patch. CVE-2011-1593: Fix insecure use of /tmp Thanks to Jakub Wilk <jwilk@debian.org> (Closes: #737385) * Add 10_CVE-2014-0466.dpatch patch. CVE-2014-0466: fixps does not invoke gs with -dSAFER. A malicious PostScript file could delete files with the privileges of the invoking user. Thanks to brian m. carlson <sandals@crustytoothpaste.net> (Closes: #742902) Checksums-Sha1: 51a294add4a723aff8d3dd7fb0526cd707995ff1 1846 a2ps_4.14-1.1+deb7u1.dsc 365abbbe4b7128bf70dad16d06e23c5701874852 2552507 a2ps_4.14.orig.tar.gz 7c84421d97e746c242358b0410a5d44912fff690 30059 a2ps_4.14-1.1+deb7u1.diff.gz 54ec39ed0ea16591d16b0ec4a82b13654b1c75fd 956298 a2ps_4.14-1.1+deb7u1_amd64.deb Checksums-Sha256: d9c245a2c56378f75842842e1e53c00a5d53ebcd5dad0bb0b15ce3055ad5b3a6 1846 a2ps_4.14-1.1+deb7u1.dsc f3ae8d3d4564a41b6e2a21f237d2f2b104f48108591e8b83497500182a3ab3a4 2552507 a2ps_4.14.orig.tar.gz d3e42c0a9abd326d86881be9e4693cf970cfd59a808838a79ba2105a792e8363 30059 a2ps_4.14-1.1+deb7u1.diff.gz e47d7fe9adb7aa62421108debf425830f4e2385e98151c5cb359d3eb8688eea8 956298 a2ps_4.14-1.1+deb7u1_amd64.deb Files: a7aa5a7ad06420950b945a0bca42a8bd 1846 text optional a2ps_4.14-1.1+deb7u1.dsc 781ac3d9b213fa3e1ed0d79f986dc8c7 2552507 text optional a2ps_4.14.orig.tar.gz fc4b04279150786111ecd7c159f52af5 30059 text optional a2ps_4.14-1.1+deb7u1.diff.gz b557a599dafd687611119264203ef2aa 956298 text optional a2ps_4.14-1.1+deb7u1_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJTOEHNAAoJEAVMuPMTQ89EQ1oP/A6lL3Qo3RQ/On+EZBf+Mr/J zKVK1+5kODEi1buYttVE10iBZgPnx3JZmfnSJYphLwsSb0nzys31Vp0IpaNQcLuy 7JxQaISNk4rc7KbhjC2j2ClrFJ1UltxipyRVYkApnP7UaNrIQb3TXqRVfWkYxCMB N/CFVhmEZzFeVlnscaEbu2aRAiW93ipD7giH2PTkBjKVFziGMIQOSVVnRUmmPLlw U3p1hhp350CpRQdKnmqThnhckqG/IayGbRr0yOTeg9v1/7ZIi5Nn3gqKlQ5GmTcp OcM3hH/0g8LUxiGiwzsrPrIsAULWJHHO4vQ3TFGNyYRsdpRNU6D+X7Acw1mqNUi7 hyQ9X/JQTO+G3+BAhZKR02ll4GJIBNobeWiCu5wBUWiukQGEnMPV24UyRlteCU+2 X934YWFo3Tia3sKJq323VU1E5DAZJMm5jsn1UMuOfpWew1ptOc1ri5L7YCOMBmzw wN2QmkvGScj/x/E0zNCpSmPv3uVa9MUPa9RfplnPJmVcLtTZjv8kqXL+VF6PGZCO B6OB21wNGsQhmmHfp6Mlaq5EiKXkPKR7zLik1uvm1mpIMycfDTUTVJct9Er2NswA QRiLGufqHtXrRL+qrJ+CDkGrvUJVBSRa5YNXg8a2fveq7nCtoRAJotB1em2WsYjg xyF0gv1N6dw6gbCySXon =abrz -----END PGP SIGNATURE-----
