Gentoo Bug 78249 - net-print/cups includes vulnerable xpdf again

First Last Prev Next No search results available Search page Enter new bug

Bug#:	78249
Alias:
Product:
Component:
Status:	RESOLVED
Resolution:	FIXED
Assigned To:	Gentoo Security <security@gentoo.org>

Hardware:
OS:
Version:
Priority:
Severity:

Reporter:	Thierry Carrez (RETIRED) <koon@gentoo.org>
Add CC:
CC:	Remove selected CCs

URL:
Summary:
Status Whiteboard:
Keywords:

Flags:			Requestee:
	Pending
	Approved
	Assigned_To		()

Filename	Description	Type	Creator	Created	Size	Actions
Create a New Attachment (proposed patch, testcase, etc.)						View All

Bug 78249 depends on:			Show dependency tree
Bug 78249 blocks:			Show dependency tree

Additional Comments: (this is where you put emerge --info)

Add to CC list

Not eligible to see or edit group visibility for this bug.

Leave as RESOLVED FIXED
Reopen bug
Mark bug as VERIFIED
Mark bug as CLOSED

View Bug Activity | Format For Printing | XML | Clone This Bug

Description:

Opened: 2005-01-16 11:19 0000

A new Xpdf vulnerability will be disclosed on January 18. This will probably
impact (again) CUPS.

Heinrich, you should probably apply the same patch as xpdf to CUPS, unless you
feel confident that vulnerable code is not called from CUPS.

Same thing, attach ebuild here and I'll call arch testing.

------- Comment #1 From Thierry Carrez (RETIRED) 2005-01-18 06:50:51 0000 -------

Better wait for the upstream official patch.

------- Comment #2 From Thierry Carrez (RETIRED) 2005-01-19 00:33:09 0000 -------

Printing team, please bump CUPS with xpdf-3.00pl3.patch from bug 77888

------- Comment #3 From Heinrich Wendel (RETIRED) 2005-01-19 05:42:40 0000 -------

bumped to -r1

------- Comment #4 From Thierry Carrez (RETIRED) 2005-01-19 07:26:10 0000 -------

Arches please test & mark 1.1.23-r1 stable
Target KEYWORDS="alpha amd64 arm hppa ia64 mips ppc ppc64 s390 sparc x86"

------- Comment #5 From Gustavo Zacarias (RETIRED) 2005-01-20 07:07:19 0000 -------

sparc stable.

------- Comment #6 From Bryan Østergaard (RETIRED) 2005-01-20 10:17:37 0000 -------

Stable on alpha.

------- Comment #7 From Markus Rothe 2005-01-20 11:34:15 0000 -------

stable on ppc64

------- Comment #8 From Thierry Carrez (RETIRED) 2005-01-21 02:14:53 0000 -------

corsair: ppc64 stable KEYWORD is missing in the ebuild I got from CVS

------- Comment #9 From Markus Rothe 2005-01-21 02:38:21 0000 -------

might be a little bit late yesterday.. Now the ebuild is stable on ppc64.

------- Comment #10 From Lars Weiler (RETIRED) 2005-01-21 09:20:17 0000 -------

ppc stable.

------- Comment #11 From Jan Brinkmann (RETIRED) 2005-01-21 12:20:22 0000 -------

stable on amd64.

------- Comment #12 From Thierry Carrez (RETIRED) 2005-01-22 01:25:05 0000 -------

GLSA 200501-30
arm ia64 mips hppa s390: please mark stable to benefit from GLSA

------- Comment #13 From Joshua Kinard 2005-02-06 19:38:43 0000 -------

mips stable.

First Last Prev Next No search results available Search page Enter new bug

Bugzilla Bug 78249

net-print/cups includes vulnerable xpdf again

Last modified: 2005-02-06 19:41:10 0000