-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Wed, 11 Mar 2015 13:50:30 +0100 Source: cups-filters Binary: libcupsfilters1 libfontembed1 cups-filters cups-filters-core-drivers libcupsfilters-dev libfontembed-dev cups-browsed Architecture: source Version: 1.0.61-5 Distribution: unstable Urgency: high Maintainer: Debian Printing Team <debian-printing@lists.debian.org> Changed-By: Didier Raboud <odyx@debian.org> Description: cups-browsed - OpenPrinting CUPS Filters - cups-browsed cups-filters - OpenPrinting CUPS Filters - Main Package cups-filters-core-drivers - OpenPrinting CUPS Filters - PPD-less printing libcupsfilters-dev - OpenPrinting CUPS Filters - Development files for the library libcupsfilters1 - OpenPrinting CUPS Filters - Shared library libfontembed-dev - OpenPrinting CUPS Filters - Development files for font embed libr libfontembed1 - OpenPrinting CUPS Filters - Font Embed Shared library Closes: 780267 Changes: cups-filters (1.0.61-5) unstable; urgency=high . * Backport upstream's patch to fix a bug in the remove_bad_chars() failing to reliably filter out illegal characters, allowing execution of arbitrary commands with the rights of the "lp" user, using forged print service announcements on DNS-SD servers (Closes: #780267, CVE-2015-2265) * Urgency high for the security fix Checksums-Sha1: 80f724bb33d2dad0b7b6bbb7441cc96f88acac68 2708 cups-filters_1.0.61-5.dsc 119395ad2fbcfdcd476d924dcf608097135b0b83 67048 cups-filters_1.0.61-5.debian.tar.xz Checksums-Sha256: 47d4e1d0459e86b70e56f25ddc404b00d3e1b1f79f560641ea83b9c7de318352 2708 cups-filters_1.0.61-5.dsc 2cf8d73ee96581f4c07650b3c4c156b1ff88360be2cc5ad341e6b0d57617e0e6 67048 cups-filters_1.0.61-5.debian.tar.xz Files: 0e1a880b02d0992bf5694aa431bf9b38 2708 net optional cups-filters_1.0.61-5.dsc e3ca5656730730d5c068e816483a98a8 67048 net optional cups-filters_1.0.61-5.debian.tar.xz -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQGcBAEBCAAGBQJVAEEYAAoJEIvPpx7KFjRVuBUL/jiYzTRCOQyC+Tlt7vqE5han YybjAR9ZQ57M2thddaCOHECPU6HQ5+tn7ssmLTUgrp0gqcTvlU7NKoMwOSeDWtpZ 5im3tHRTiTRILyQgmj0Q9t7u5KN9JR5ztmRUylyNMyiuGaGihUefWvaWLXBqC16d 3MyrasFPilNkv4GpP+TWQrzgh/vOkBIKiHA/bmfo6SGv2/wFFx2U0y3DGikFWbkt 2wDDIkKcItpWUQtJsj80YXjqrZiBEh3+BIXUAThcjV4+mtLbziHNWJJEQJYGLLZj cZHRM2tQNk65mn6D3VS5zgQ6/oSEzySyilQSOooqAvYHVodLEy2zZ5wKqHJJcd56 XkvrBIF2mkXXWkSBnnQrHMNmwlE7pCxob9wM0L8giJe76+DG3yjXWv9d/kDTZy/j bYdDKfX0VX2H8oqJScT4oHsAYqmJgVotPCZMZYg2w02nFasgx1JgXgNMjtQcSbmf yo8wYbAAM+1JVqb7ldYCPCjJyAOkEjlmJi1Fpnmjtw== =U4qY -----END PGP SIGNATURE-----