-
Committer:
Bazaar Package Importer
-
Author(s):
Marc Deslauriers
-
Date:
2010-02-25 10:58:35 UTC
-
Revision ID:
james.westby@ubuntu.com-20100225105835-vvjf6o3joxz43yki
Tags: 1.3.9-2ubuntu9.5
* SECURITY UPDATE: denial of service via use-after-free
- debian/patches/CVE-2009-3553.dpatch: check fdptr->use and
cupsd_inactive_fds in scheduler/select.c.
- CVE-2009-3553
- CVE-2010-0302
* SECURITY UPDATE: privilege escalation via lppasswd tool
- debian/patches/CVE-2010-0393.dpatch: don't allow environment
variables to override directories in cups/globals.c and
systemv/lppasswd.c.
- CVE-2010-0393