1
PublicDateAtUSN: 2015-02-19
2
Candidate: CVE-2014-9679
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9679
6
http://www.openwall.com/lists/oss-security/2015/02/12/12
7
http://www.openwall.com/lists/oss-security/2015/02/10/15
8
https://usn.ubuntu.com/usn/usn-2520-1
10
Integer underflow in the cupsRasterReadPixels function in filter/raster.c
11
in CUPS before 2.0.2 allows remote attackers to have unspecified impact via
12
a malformed compressed raster file, which triggers a buffer overflow.
16
https://www.cups.org/str.php?L4551
17
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778387
19
Discovered-by: Peter De Wachter
23
upstream: http://marc.info/?l=cups-commit&m=131299081010932&w=2 (lucid backport)
24
upstream: https://www.cups.org/strfiles.php/3438/str4551.patch
25
upstream_cups: released (2.0.2)
26
lucid_cups: released (1.4.3-1ubuntu1.14)
27
precise_cups: released (1.5.3-0ubuntu8.6)
28
trusty_cups: released (1.7.2-0ubuntu1.5)
29
utopic_cups: released (1.7.5-3ubuntu3.1)
30
devel_cups: not-affected (2.0.2-1ubuntu1)