~ubuntu-branches/ubuntu/intrepid/cups/intrepid-security

Viewing all changes in revision 30.

  • Committer: Bazaar Package Importer
  • Author(s): Marc Deslauriers
  • Date: 2010-02-25 10:58:35 UTC
  • Revision ID: james.westby@ubuntu.com-20100225105835-vvjf6o3joxz43yki
Tags: 1.3.9-2ubuntu9.5
* SECURITY UPDATE: denial of service via use-after-free
  - debian/patches/CVE-2009-3553.dpatch: check fdptr->use and
    cupsd_inactive_fds in scheduler/select.c.
  - CVE-2009-3553
  - CVE-2010-0302
* SECURITY UPDATE: privilege escalation via lppasswd tool
  - debian/patches/CVE-2010-0393.dpatch: don't allow environment
    variables to override directories in cups/globals.c and
    systemv/lppasswd.c.
  - CVE-2010-0393

expand all expand all

Show diffs side-by-side

added added

removed removed

Lines of Context: