Branches for Jaunty

Name Status Last Modified Last Commit
lp:ubuntu/jaunty/cups 2 Mature 2009-12-18 12:40:21 UTC 2009-12-18
17. * SECURITY UPDATE: fix integer overfl...

Author: Jamie Strandboge
Revision Date: 2009-04-15 09:33:56 UTC

* SECURITY UPDATE: fix integer overflow via large TIFF file (LP: #361866)
  - debian/patches/CVE-2009-0163.dpatch: adjust CUPS_IMAGE_MAX_HEIGHT in
    filter/image-private.h
  - CVE-2009-0163

lp:ubuntu/jaunty-proposed/cups bug 2 Mature 2010-03-04 18:38:16 UTC 2010-03-04
21. debian/patches/fix-lpstat.dpatch: Fix...

Author: Evan Broder
Revision Date: 2010-03-03 20:29:00 UTC

debian/patches/fix-lpstat.dpatch: Fix lpstat to work correctly against
CUPS 1.4 servers. (LP: #497606)

lp:ubuntu/jaunty-security/cups 2 Mature 2010-06-18 10:26:08 UTC 2010-06-18
21. * SECURITY UPDATE: cross-site request...

Author: Marc Deslauriers
Revision Date: 2010-06-18 10:26:08 UTC

* SECURITY UPDATE: cross-site request forgery in admin interface
  - debian/patches/CVE-2010-0540.dpatch: add unpredictable session token
    to cgi-bin/admin.c, cgi-bin/cgi.h, cgi-bin/ipp-var.c,
    cgi-bin/template.c, cgi-bin/var.c, scheduler/client.c,
    templates/*.tmpl.
  - CVE-2010-0540
* SECURITY UPDATE: denial of service or arbitrary code execution in
  texttops image filter
  - debian/patches/CVE-2010-0542.dpatch: make sure calloc succeeded in
    filter/texttops.c.
  - CVE-2010-0542
* SECURITY UPDATE: web interface memory disclosure
  - debian/patches/CVE-2010-1748.dpatch: validate data in cgi-bin/var.c.
  - CVE-2010-1748
* SECURITY UPDATE: file overwrite vulnerability
  - debian/patches/security-str3510.dpatch: introduce cups_open() in
    cups/file.c and use to make sure hard-linked or symlinked files don't
    get overwritten as root.
  - No CVE number

lp:ubuntu/jaunty-updates/cups 2 Mature 2010-06-18 10:26:08 UTC 2010-06-18
21. * SECURITY UPDATE: cross-site request...

Author: Marc Deslauriers
Revision Date: 2010-06-18 10:26:08 UTC

* SECURITY UPDATE: cross-site request forgery in admin interface
  - debian/patches/CVE-2010-0540.dpatch: add unpredictable session token
    to cgi-bin/admin.c, cgi-bin/cgi.h, cgi-bin/ipp-var.c,
    cgi-bin/template.c, cgi-bin/var.c, scheduler/client.c,
    templates/*.tmpl.
  - CVE-2010-0540
* SECURITY UPDATE: denial of service or arbitrary code execution in
  texttops image filter
  - debian/patches/CVE-2010-0542.dpatch: make sure calloc succeeded in
    filter/texttops.c.
  - CVE-2010-0542
* SECURITY UPDATE: web interface memory disclosure
  - debian/patches/CVE-2010-1748.dpatch: validate data in cgi-bin/var.c.
  - CVE-2010-1748
* SECURITY UPDATE: file overwrite vulnerability
  - debian/patches/security-str3510.dpatch: introduce cups_open() in
    cups/file.c and use to make sure hard-linked or symlinked files don't
    get overwritten as root.
  - No CVE number

14 of 4 results