-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 30 Mar 2014 18:14:06 +0200 Source: a2ps Binary: a2ps Architecture: source amd64 Version: 1:4.14-1.1+deb6u1 Distribution: squeeze-security Urgency: high Maintainer: Masayuki Hatta (mhatta) <mhatta@debian.org> Changed-By: Salvatore Bonaccorso <carnil@debian.org> Description: a2ps - GNU a2ps - 'Anything to PostScript' converter and pretty-printer Closes: 737385 742902 Changes: a2ps (1:4.14-1.1+deb6u1) squeeze-security; urgency=high . * Non-maintainer upload by the Security Team. * Add 09_CVE-2001-1593.dpatch patch. CVE-2011-1593: Fix insecure use of /tmp Thanks to Jakub Wilk <jwilk@debian.org> (Closes: #737385) * Add 10_CVE-2014-0466.dpatch patch. CVE-2014-0466: fixps does not invoke gs with -dSAFER. A malicious PostScript file could delete files with the privileges of the invoking user. Thanks to brian m. carlson <sandals@crustytoothpaste.net> (Closes: #742902) Checksums-Sha1: 3a1f0f57f47b67682d403a3014381d78edfc4eb9 1807 a2ps_4.14-1.1+deb6u1.dsc 0db14668fe17c04672a7df818106d8faa3dbdcbc 30454 a2ps_4.14-1.1+deb6u1.diff.gz b860924feffd922c9751930f0321d03784765c0f 955130 a2ps_4.14-1.1+deb6u1_amd64.deb Checksums-Sha256: 7e72e708e7b688d63d5c0b99b93793ad5f10f0ea30fbacd906fb187b09867dbd 1807 a2ps_4.14-1.1+deb6u1.dsc 9030794fbf3e926ad523929af3a5d13bd71c3aeea1f83c5760d2782130adb1d1 30454 a2ps_4.14-1.1+deb6u1.diff.gz 1f080767d758d6693034e8c8a0f0dd4ac12e357ff0281a64707e34aff07e544b 955130 a2ps_4.14-1.1+deb6u1_amd64.deb Files: 8600d0862387e87074cc8f2738c3a6fe 1807 text optional a2ps_4.14-1.1+deb6u1.dsc 5a06d4d72c9a82b52f51396c4a258fef 30454 text optional a2ps_4.14-1.1+deb6u1.diff.gz aaae4242cdd5ae3d5c2904efc210e0d3 955130 text optional a2ps_4.14-1.1+deb6u1_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJTOEV9AAoJEAVMuPMTQ89E4xcQAIWnQUskiILVtE5jIRloyq1e Ng9FouyBs/0ur075b7k34eQuDtrFFE8XtOTKlPboOZdrk3Sq8Bm/Q6V4vbKmFqfj NReU2uoQxkITO3ZYlrJXHLNx0LRsMwBU+ryDhLmH9U8Raxnlmjks36068CzLYfAg V1ZrTXxrhfYKpxmva2DmXp3euN3pkaBYSyuXRzzIhwAUmL2HnhDFOAck0VEk3vkB siZJdye970MPS44jfAt/2P3pnpHJoDYRvU5uLZo0BZIKWV4mOsJ3WGT6acifAZ72 O+sBrqJjIqnLsukPSCQOV484hZCwO3wvbs9qdj5LxF2bhxlLehhphDY6ltOJav/g 3CpPU1ngl6qzccT84V7a1iIEjdqRIE6uF7OmUbixgF6xjIu2yka7bb37PlAVdmk+ gJewZzp3fzRElinUZW01N7W7HUPCewO+59HkxjJz7+99hCTdLgySZYUzGY918lRT /gkccLp1Z+LwtY6Zpo5vc192NtcGZ3L7foYRJky2kHq6It3KEJpLbrFP3N/sADR8 +rWeyoOHQpOecKaPfo+PgtmqP1++qdpE7SQcB3JskpWN117viZzaBLhtmDWC5tB6 i+bIXYNpm4ucSNggmGJ6h7rZFXgEKGVl8Es2L5RaQNPuyL24ekbLY7/jBk0lbWf9 kWjEN4k3Gs9nTh/79MO3 =EewD -----END PGP SIGNATURE-----