cupsys -- buffer overflows

2008-08-01T00:00:00
ID DSA-1625
Type debian
Reporter Debian
Modified 2008-08-01T00:00:00

Description

Several remote vulnerabilities have been discovered in the Common Unix Printing System (CUPS). The Common Vulnerabilities and Exposures project identifies the following problems:

Buffer overflows in the HP-GL input filter allowed to possibly run arbitrary code through crafted HP-GL files.

Buffer overflow in the GIF filter allowed to possibly run arbitrary code through crafted GIF files.

Integer overflows in the PNG filter allowed to possibly run arbitrary code through crafted PNG files.

For the stable distribution (etch), these problems have been fixed in version 1.2.7-4etch4 of package cupsys.

For the testing (lenny) and unstable distribution (sid), these problems have been fixed in version 1.3.7-2 of package cups.

We recommend that you upgrade your cupsys package.