cups (1.3.9-2ubuntu9.3) intrepid-security; urgency=low
* SECURITY UPDATE: XSS and CRLF injection in headers
- debian/patches/CVE-2009-2820.dpatch: Introduce cgiClearVariables() in
cgi-bin/{var.c,cgi.h}. Clear out variables in
cgi-bin/{classes,help,ipp-var,jobs,printers}.c. Encode URL string and
clear out variables in cgi-bin/admin.c. Filter more characters in
cgi-bin/template.c.
- CVE-2009-2820
Date: Fri, 30 Oct 2009 21:36:11 -0400
Changed-By: Marc Deslauriers <[email protected]>
Maintainer: Ubuntu Core Developers <[email protected]>
https://launchpad.net/ubuntu/intrepid/+source/cups/1.3.9-2ubuntu9.3
Format: 1.8
Date: Fri, 30 Oct 2009 21:36:11 -0400
Source: cups
Binary: libcups2 libcupsimage2 cups cups-client libcups2-dev libcupsimage2-dev
cups-bsd cups-common cups-dbg cupsys cupsys-client cupsys-common cupsys-bsd
cupsys-dbg libcupsys2 libcupsys2-dev
Architecture: source
Version: 1.3.9-2ubuntu9.3
Distribution: intrepid-security
Urgency: low
Maintainer: Ubuntu Core Developers <[email protected]>
Changed-By: Marc Deslauriers <[email protected]>
Description:
cups - Common UNIX Printing System(tm) - server
cups-bsd - Common UNIX Printing System(tm) - BSD commands
cups-client - Common UNIX Printing System(tm) - client programs (SysV)
cups-common - Common UNIX Printing System(tm) - common files
cups-dbg - Common UNIX Printing System(tm) - debugging symbols
cupsys - Common UNIX Printing System (transitional package)
cupsys-bsd - Common UNIX Printing System (transitional package)
cupsys-client - Common UNIX Printing System (transitional package)
cupsys-common - Common UNIX Printing System (transitional package)
cupsys-dbg - Common UNIX Printing System (transitional package)
libcups2 - Common UNIX Printing System(tm) - libs
libcups2-dev - Common UNIX Printing System(tm) - development files
libcupsimage2 - Common UNIX Printing System(tm) - image libs
libcupsimage2-dev - Common UNIX Printing System(tm) - image development files
libcupsys2 - Common UNIX Printing System (transitional package)
libcupsys2-dev - Common UNIX Printing System (transitional package)
Changes:
cups (1.3.9-2ubuntu9.3) intrepid-security; urgency=low
.
* SECURITY UPDATE: XSS and CRLF injection in headers
- debian/patches/CVE-2009-2820.dpatch: Introduce cgiClearVariables() in
cgi-bin/{var.c,cgi.h}. Clear out variables in
cgi-bin/{classes,help,ipp-var,jobs,printers}.c. Encode URL string and
clear out variables in cgi-bin/admin.c. Filter more characters in
cgi-bin/template.c.
- CVE-2009-2820
Checksums-Sha1:
75388f8d7175e8d89acc9f4d8f07af882d931d85 2043 cups_1.3.9-2ubuntu9.3.dsc
74402b22901b536b00320cf19bac06205de1e035 333061 cups_1.3.9-2ubuntu9.3.diff.gz
Checksums-Sha256:
8ca2a45549030128507b0ed94bc68f83e79bb4aa6f106bb343ce5af9b63c8caf 2043
cups_1.3.9-2ubuntu9.3.dsc
4251227fcbb4e5b4f7e8c71ee8e8f6e8fd9815c164dcb28164fb601c28724a3d 333061
cups_1.3.9-2ubuntu9.3.diff.gz
Files:
45087adf6eeff3c066199bb22f0fd2b0 2043 net optional cups_1.3.9-2ubuntu9.3.dsc
7330706de0300ff8fdf726f3947c8591 333061 net optional
cups_1.3.9-2ubuntu9.3.diff.gz
Original-Maintainer: Debian CUPS Maintainers
<[email protected]>
--
Intrepid-changes mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/intrepid-changes
