Please update cupsys to the generic version for hardy to fix several security vulnerabilities

Bug #329293 reported by Nicola Ferralis on 2009-02-14
252
Affects Status Importance Assigned to Milestone
The Dell Mini Project
Critical
Unassigned

Bug Description

Cupsys in hardy for the dell mini is in version 1.3.7-1ubuntu3 which is affected by several security vulnerabilities. The version in generic hardy ( 1.3.7-1ubuntu3) includes already the patches. So those should be ported to hardy for the mini.

Changelog:

cupsys (1.3.7-1ubuntu3.3) hardy-security; urgency=low

  * SECURITY UPDATE: denial of service by adding a large number of RSS
    subscriptions (LP: #298241)
    - debian/patches/CVE-2008-5183.dpatch: gracefully handle MaxSubscriptions
      being reached in scheduler/{ipp.c,subscriptions.c}.
    - CVE-2008-5183
  * SECURITY UPDATE: unauthorized access to RSS subscription functions in
    web interface (LP: #298241)
    - debian/patches/CVE-2008-5184.dpatch: make sure user is authenticated
      in /cgi-bin/admin.c.
    - CVE-2008-5184
  * SECURITY UPDATE: arbitrary code execution via integer overflow from a PNG
    image with a large height value
    - This issue was introduced in the patch for CVE-2008-1722.
    - debian/patches/CVE-2008-1722.dpatch: adjust patch to multiply img->xsize
      instead of img->ysize so we don't overflow in filter/image-png.c.
    - CVE-2008-5286
  * SECURITY UPDATE: arbitrary file overwrite via temp log file symlink attack
    - debian/filters/pstopdf: use the cleaned-up version from Debian.
    - CVE-2008-5377

 -- Marc Deslauriers <email address hidden> Thu, 08 Jan 2009 10:29:38 -0500

cupsys (1.3.7-1ubuntu3.2) hardy-proposed; urgency=low

  * debian/rules: Install the serial backend with 0700 permissions to make it
    run as root, since /dev/ttyS* are root:dialout and thus not accessible as
    user "lp". (LP: #154277)

 -- Martin Pitt <email address hidden> Wed, 26 Nov 2008 14:30:00 +0000

cupsys (1.3.7-1ubuntu3.1) hardy-security; urgency=low

  * SECURITY UPDATE: heap-based buffer overflow due to unchecked boundary in
    the SGI filter
    - debian/patches/CVE-2008-3639_sgi_filter_overflow.dpatch: adjust
      filter/image-sgilib.c to properly check for xsize. Taken from Debian
      patch by Martin Pitt.
    - STR #2918
    - CVE-2008-3639
  * SECURITY UPDATE: integer overflow in texttops filter which could lead
    to heap-based overflow
    - debian/patches/CVE-2008-3640_texttops_overflow.dpatch: adjust
      textcommon.c and texttops.c to check for too large or negative page
      metrics. Taken from Debian patch by Martin Pitt.
    - STR #2919
    - CVE-2008-3640
  * SECURITY UPDATE: buffer overflow in HPGL filter which could lead to
    arbitrary code execution
    - debian/patches/CVE-2008-3641_hpgl_filter_overflow.dpatch: adjust
      hpgl-attr.c to properly check for an invalid number of pens. Also
      includes fix for regression in orginal upstream patch which changed
      the color mapping and an off-by-one loop error. Taken from Debian patch
      by Martin Pitt.
    - STR #2911
    - STR #2966
    - CVE-2008-3641

 -- Jamie Strandboge <email address hidden> Tue, 14 Oct 2008 13:17:07 -0500

Henry Hall (hlh) wrote :

Updated status and assigned to oem-security

Changed in dell-mini:
assignee: nobody → oem-security
importance: Undecided → Critical
status: New → Triaged
Pat McGowan (pat-mcgowan) wrote :

cupsys 1.3.7-1ubuntu3.4

Changed in dell-mini:
status: Triaged → Fix Committed
Changed in dell-mini:
status: Fix Committed → Fix Released
Curtis Hovey (sinzui) on 2014-11-12
Changed in dell-mini:
assignee: Registry Administrators (registry) → nobody
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers