Path to this page:
Subject: CVS commit: pkgsrc/emulators/suse100_libcups
From: OBATA Akio
Date: 2008-09-03 11:26:13
Message id: 20080903092613.8C66A175D0@cvs.netbsd.org
Log Message:
Bump suse100_libcups to 4.
From cups-libs from 1.1.23-21.6 to 1.1.23-21.16.
21.8:
By keeping a partially negotiated SSL connection open an
attacker could prevent the cups server from accepting other
requests (CVE-2007-0720).
21.10:
The previous cups update (CVE-2007-0720) was incomplete and
could lead to cupsd crashing.
21.12:
A buffer overflow in the xpdf code contained in cups could
be exploited by attackers to potentially execute arbitrary
code (CVE-2007-3387).
21.14:
A missing length check in the IPP implementation of cups
could lead to a buffer overflow. Attackers could exploit
that to potentially execute arbitrary code with root
privileges (CVE-2007-4351).
21.16:
A buffer overflow in the xpdf code contained in cups could be
exploited by attackers to potentially execute arbitrary code
(CVE-2007-4352, CVE-2007-5392, CVE-2007-5393).
Files: