Summary: | net-print/cups < 1.2.12-r2 IPP Tags Memory Corruption Vulnerability (CVE-2007-4351) | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Product: | Gentoo Security | Reporter: | Sune Kloppenborg Jeppesen (RETIRED) <jaervosz> | ||||||||
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> | ||||||||
Status: | RESOLVED FIXED | ||||||||||
Severity: | major | CC: | amne, genstef, printing, wschlich | ||||||||
Priority: | High | ||||||||||
Version: | unspecified | ||||||||||
Hardware: | All | ||||||||||
OS: | Linux | ||||||||||
Whiteboard: | B1? [glsa] | ||||||||||
Package list: | Runtime testing required: | --- | |||||||||
Attachments: |
|
Description
Sune Kloppenborg Jeppesen (RETIRED)
2007-10-22 20:01:50 UTC
Created attachment 134186 [details, diff]
str2561-cups11v2.patch
Created attachment 134187 [details, diff]
str2561-cups12v2.patch
Created attachment 134188 [details, diff]
str2561-cups13v2.patch
Hi Genstef, if you want stable testing before the disclosure date please attach updated ebuilds to this bug. Do not commit anything yet. public now. printing, any news here? *** Bug 197868 has been marked as a duplicate of this bug. *** Printing please advise. Bumped versions for cups 1.1 and 1.2 which apply the patch for CVE-2007-4351: cups-1.1.23-r9.ebuild cups-1.2.12-r2.ebuild Added new upstream version for cups 1.3 and removed the vulnerable cups-1.3.3.ebuild from the tree: cups-1.3.4.ebuild I removed the cups-1.1 fixed ebuild again and made sure that its obvious that 1.1 is unmaintained and suffers from more bugs. Sorry for the confusion .. Arches, please test and mark stable net-print/cups-1.2.12-r2. Target keywords : "alpha amd64 arm hppa ia64 m68k mips ppc ppc64 s390 sh sparc x86" Sparc stable. x86 stable ppc64 stable Stable for HPPA. ppc stable amd64 done. alpha/ia64 stable, thanks Tobias GLSA 200711-16, sorry for the delay. mips stable. |