[Pkg-cups-devel] r663 - cupsys/trunk/debian
Kenshi Muto
kmuto at alioth.debian.org
Sat Dec 22 14:43:06 UTC 2007
Author: kmuto
Date: Sat Dec 22 14:43:06 2007
New Revision: 663
Log:
1.3.5 fixes CVE-2007-5849
Modified:
cupsys/trunk/debian/changelog
Modified: cupsys/trunk/debian/changelog
==============================================================================
--- cupsys/trunk/debian/changelog (original)
+++ cupsys/trunk/debian/changelog Sat Dec 22 14:43:06 2007
@@ -4,6 +4,8 @@
* New upstream release
- cups-stops-broadcasting-on-HUP-with-explicit-BrowseAddress patch is
merged.
+ - Fix that SNMP backend did not check for negative string lengths.
+ (CVE-2007-5849, closes: #457453).
* Update pdftops.pl to 1.20. It fixes overwriting arbitary files
via symlink attack. (CVE-2007-6358, closes: #456960)
More information about the Pkg-cups-devel
mailing list