Debian Security Advisory
DSA-1656-1 cupsys -- several vulnerabilities
- Date Reported:
- 20 Oct 2008
- Affected Packages:
- cupsys
- Vulnerable:
- Yes
- Security database references:
- In Mitre's CVE dictionary: CVE-2008-3639, CVE-2008-3640, CVE-2008-3641.
- More information:
-
Several local vulnerabilities have been discovered in the Common UNIX Printing System. The Common Vulnerabilities and Exposures project identifies the following problems:
- CVE-2008-3639
It was discovered that insufficient bounds checking in the SGI image filter may lead to the execution of arbitrary code.
- CVE-2008-3640
It was discovered that an integer overflow in the Postscript conversion tool
texttops
may lead to the execution of arbitrary code. - CVE-2008-3641
It was discovered that insufficient bounds checking in the HPGL filter may lead to the execution of arbitrary code.
For the stable distribution (etch), these problems have been fixed in version 1.2.7-4etch5.
For the unstable distribution (sid) and the upcoming stable distribution (lenny), these problems have been fixed in version 1.3.8-1lenny2 of the source package cups.
We recommend that you upgrade your cupsys package.
- CVE-2008-3639
- Fixed in:
-
Debian GNU/Linux 4.0 (etch)
- Source:
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7.orig.tar.gz
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5.diff.gz
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5.dsc
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5.diff.gz
- Architecture-independent component:
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys-common_1.2.7-4etch5_all.deb
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-gnutls10_1.2.7-4etch5_all.deb
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-gnutls10_1.2.7-4etch5_all.deb
- Alpha:
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_alpha.deb
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_alpha.deb
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_alpha.deb
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_alpha.deb
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_alpha.deb
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_alpha.deb
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_alpha.deb
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_alpha.deb
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_alpha.deb
- AMD64:
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_amd64.deb
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_amd64.deb
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_amd64.deb
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_amd64.deb
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_amd64.deb
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_amd64.deb
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_amd64.deb
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_amd64.deb
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_amd64.deb
- ARM:
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_arm.deb
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_arm.deb
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_arm.deb
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_arm.deb
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_arm.deb
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_arm.deb
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_arm.deb
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_arm.deb
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_arm.deb
- HP Precision:
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_hppa.deb
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_hppa.deb
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_hppa.deb
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_hppa.deb
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_hppa.deb
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_hppa.deb
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_hppa.deb
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_hppa.deb
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_hppa.deb
- Intel IA-32:
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_i386.deb
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_i386.deb
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_i386.deb
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_i386.deb
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_i386.deb
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_i386.deb
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_i386.deb
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_i386.deb
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_i386.deb
- Intel IA-64:
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_ia64.deb
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_ia64.deb
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_ia64.deb
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_ia64.deb
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_ia64.deb
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_ia64.deb
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_ia64.deb
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_ia64.deb
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_ia64.deb
- Little-endian MIPS:
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_mipsel.deb
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_mipsel.deb
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_mipsel.deb
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_mipsel.deb
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_mipsel.deb
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_mipsel.deb
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_mipsel.deb
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_mipsel.deb
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_mipsel.deb
- PowerPC:
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_powerpc.deb
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_powerpc.deb
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_powerpc.deb
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_powerpc.deb
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_powerpc.deb
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_powerpc.deb
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_powerpc.deb
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_powerpc.deb
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_powerpc.deb
- IBM S/390:
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_s390.deb
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_s390.deb
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_s390.deb
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_s390.deb
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_s390.deb
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_s390.deb
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_s390.deb
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_s390.deb
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_s390.deb
- Sun Sparc:
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_sparc.deb
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_sparc.deb
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_sparc.deb
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_sparc.deb
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_sparc.deb
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_sparc.deb
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_sparc.deb
- http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_sparc.deb
- http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_sparc.deb
MD5 checksums of the listed files are available in the original advisory.