From:
[email protected]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ------------------------------------------------------------------------ Debian Security Advisory DSA-1773-1
[email protected] http://www.debian.org/security/ Steffen Joeris
April 17, 2009
http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : cups
Vulnerability : integer overflow
Problem type : local (remote)
Debian-specific: no
CVE Id : CVE-2009-0163
It was discovered that the imagetops filter in cups, the Common UNIX
Printing System, is prone to an integer overflow when reading malicious
TIFF images.
For the stable distribution (lenny), this problem has been fixed in
version 1.3.8-1lenny5.
For the oldstable distribution (etch), this problem has been fixed in
version 1.2.7-4etch7.
For the testing distribution (squeeze) and the unstable distribution
(sid), this problem will be fixed soon.
We recommend that you upgrade your cups packages.
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
- -------------------------------
Debian (oldstable)
- ------------------
Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch7.dsc
Size/MD5 checksum: 1092 4203af9c21af4d6918245cd45acb06bb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch7.diff.gz
Size/MD5 checksum: 109374 af603a7173c6df4f33b048ffc7115bd8
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7.orig.tar.gz
Size/MD5 checksum: 4214272 c9ba33356e5bb93efbcf77b6e142e498
Architecture independent packages:
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-gnutls10_1.2.7-4etch7_all.deb
Size/MD5 checksum: 46244 44171d0a66210c387b6af8448f6d521d
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-common_1.2.7-4etch7_all.deb
Size/MD5 checksum: 893990 3f5525cb2fc50e8a06352e587737e2dc
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch7_alpha.deb
Size/MD5 checksum: 39294 ced5ae3328348f9d3ae2676353e726bb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch7_alpha.deb
Size/MD5 checksum: 184844 ecdf10a00e54d73bc9bba1044f42fc22
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch7_alpha.deb
Size/MD5 checksum: 1093362 f5be00bdf1562065aae9ea9fdb6663dc
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch7_alpha.deb
Size/MD5 checksum: 175490 5b2ece54509d960d8a1a3641412937f8
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch7_alpha.deb
Size/MD5 checksum: 86398 7f312dfb4ff21681dff286d99d3896d8
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch7_alpha.deb
Size/MD5 checksum: 1604044 5656d9acd49fba643a50934599675ebc
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch7_alpha.deb
Size/MD5 checksum: 95756 127511aa7fc682dab5e853b608ccba11
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch7_alpha.deb
Size/MD5 checksum: 72988 5da04efb7c621d273910e5f5fe9ec9c1
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch7_amd64.deb
Size/MD5 checksum: 36358 81cea5176eb873a11c89fccd558da98f
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch7_amd64.deb
Size/MD5 checksum: 86462 6c33916f4c531bba16f777f71f772293
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch7_amd64.deb
Size/MD5 checksum: 1576296 724f40dec3726a6d099c97fc3cafb484
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch7_amd64.deb
Size/MD5 checksum: 142530 0e9faa06043e872626093a03fa17292c
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch7_amd64.deb
Size/MD5 checksum: 162692 bd08c8846a95488ec98fea36e105638b
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch7_amd64.deb
Size/MD5 checksum: 1088628 03b7431460c4d52d15f8525c0b01eddf
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch7_amd64.deb
Size/MD5 checksum: 80736 06d9dd7cd306e846e36047a0eb6f0699
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch7_amd64.deb
Size/MD5 checksum: 53046 873a9f887cada29675d76f5c652af7a6
arm architecture (ARM)
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch7_arm.deb
Size/MD5 checksum: 155368 736f7fc1a145dfac7b96ab591b6b9a27
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch7_arm.deb
Size/MD5 checksum: 1026102 492569202623c8e389586e0a651c9b3f
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch7_arm.deb
Size/MD5 checksum: 1569744 19ce598de83cfa70b6a296f38c020478
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch7_arm.deb
Size/MD5 checksum: 78908 a0f4d02f5b163fe6c6e77df98c63e300
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch7_arm.deb
Size/MD5 checksum: 85818 603f3fd2de4599fc6d3e593ba6a44dfb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch7_arm.deb
Size/MD5 checksum: 35934 d04cdfc9eab65c862c8bd6510c0b22aa
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch7_arm.deb
[continued in next message]
--- SoupGate-Win32 v1.05
* Origin: you cannot sedate... all the things you hate (1:229/2)