cupsys -- several vulnerabilities

2008-10-20T00:00:00
ID DSA-1656
Type debian
Reporter Debian
Modified 2008-10-20T00:00:00

Description

Several local vulnerabilities have been discovered in the Common UNIX Printing System. The Common Vulnerabilities and Exposures project identifies the following problems:

It was discovered that insufficient bounds checking in the SGI image filter may lead to the execution of arbitrary code.

It was discovered that an integer overflow in the Postscript conversion tool texttops may lead to the execution of arbitrary code.

It was discovered that insufficient bounds checking in the HPGL filter may lead to the execution of arbitrary code.

For the stable distribution (etch), these problems have been fixed in version 1.2.7-4etch5.

For the unstable distribution (sid) and the upcoming stable distribution (lenny), these problems have been fixed in version 1.3.8-1lenny2 of the source package cups.

We recommend that you upgrade your cupsys package.