[Secure-testing-team] Bug#507183: cups: integer overflow via validation code in of the image size

Steffen Joeris steffen.joeris at skolelinux.de
Fri Nov 28 21:58:15 UTC 2008


Package: cups
Version: 1.3.8-1lenny3
Severity: grave
Tags: security, patch
Justification: user security hole

Hi Martin

Cups upstream just fixed another integer overflow[0], which was introduced
due to an incomplete fix for CVE-2008-1722. The upstream commit can be
found here[1]. A CVE id has been requested and I'll post it as soon as
it is available.

Cheers
Steffen

[0]: http://www.cups.org/str.php?L2974

[1]: http://www.cups.org/strfiles/2974/str2974.patch





More information about the Secure-testing-team mailing list