Univention Bugzilla – Bug 37815
cups: Multiple issues (4.0)
Last modified: 2015-09-23 17:11:06 CEST
CVE-2014-9679: buffer overflow in cupsRasterReadPixels
Fixed in upstream Debian package version 1.5.3-5+deb7u5
Fixed in upstream Debian package version 1.5.3-5+deb7u6: * Improper Update of Reference Count (CVE-2015-1158) * Cross-Site Scripting (CVE-2015-1159)
cups 1.5.3-5+deb7u6 imported from wheezy and built in errata4.0-3. YAML: 2015-09-11-cups.yaml
OK: DEBIAN_FRONTEND=noninteractive apt-get install -y cups OK: /usr/share/doc/cups/changelog.Debian.gz OK: r63647 + r63650 / 2015-09-11-cups.yaml / CVEs OK: Test: apt-get install cups-pdf, ssh 10.200.3.18 -L 10631:localhost:631, add pdf-printer, print test page, download and check → CUPS test page was prperly printed
<http://errata.software-univention.de/ucs/4.0/321.html>