Bug 39402 - cups: Multiple issues (ES 3.1)
cups: Multiple issues (ES 3.1)
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Security updates
UCS 3.1
Other Linux
: P2 normal (vote)
: UCS 3.1-ES
Assigned To: Janek Walkenhorst
Arvid Requate
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2015-09-24 20:08 CEST by Arvid Requate
Modified: 2015-11-23 17:36 CET (History)
0 users

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional): Security
Max CVSS v3 score:
requate: Patch_Available+


Attachments
3.1-cups.txt.asc (1.54 KB, text/plain)
2015-09-29 19:04 CEST, Janek Walkenhorst
Details
3.1-cups.txt.asc (1.54 KB, text/plain)
2015-11-18 17:35 CET, Janek Walkenhorst
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Arvid Requate univentionstaff 2015-09-24 20:08:48 CEST
+++ This bug was initially created as a clone of Bug #39401 +++

Two issues have been fixed in upstream Debian package version 1.4.4-7+squeeze10:

* cups-filters: texttopdf heap-based buffer overflow (CVE-2015-3258)
* integer overflow leading to a heap-based buffer overflow (CVE-2015-3279)
Comment 1 Janek Walkenhorst univentionstaff 2015-09-29 19:04:10 CEST
Created attachment 7192 [details]
3.1-cups.txt.asc
Comment 2 Janek Walkenhorst univentionstaff 2015-09-29 19:04:32 CEST
Patch from 1.4.4-7+squeeze9 to 1.4.4-7+squeeze10 extracted.
Comment 3 Arvid Requate univentionstaff 2015-11-18 12:46:07 CET
See Bug 39401 Comment 3.
Comment 4 Janek Walkenhorst univentionstaff 2015-11-18 17:35:08 CET
Created attachment 7313 [details]
3.1-cups.txt.asc
Comment 5 Janek Walkenhorst univentionstaff 2015-11-18 17:35:40 CET
r15432
Comment 6 Arvid Requate univentionstaff 2015-11-18 17:38:55 CET
Verified:
* Patches correct as in Bug 39401
* Applied during build
* Update and functional tests
* Advisory
Comment 7 Janek Walkenhorst univentionstaff 2015-11-23 17:36:02 CET
Released