cupsys: CVE-2008-1722 remote DoS

Related Vulnerabilities: CVE-2008-1722  

Debian Bug report logs - #476305

Package: cupsys; Maintainer for cupsys is (unknown);

Reported by: Nico Golde <nion@debian.org>

Date: Tue, 15 Apr 2008 18:15:03 UTC

Severity: grave

Tags: patch, security

Fixed in version cupsys/1.3.7-2

Done: Martin Pitt <mpitt@debian.org>

Bug is archived. No further changes may be made.


Report forwarded to debian-bugs-dist@lists.debian.org, Debian CUPS Maintainers <pkg-cups-devel@lists.alioth.debian.org>:
Bug#476305; Package cupsys.


Acknowledgement sent to Nico Golde <nion@debian.org>:
New Bug report received and forwarded. Copy sent to Debian CUPS Maintainers <pkg-cups-devel@lists.alioth.debian.org>.


Message #5 received at submit@bugs.debian.org:

From: Nico Golde <nion@debian.org>
To: submit@bugs.debian.org
Subject: cupsys: CVE-2008-1722 remote DoS
Date: Tue, 15 Apr 2008 20:12:17 +0200
Package: cupsys
Severity: grave
Tags: security patch

Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for cupsys.


CVE-2008-1722[0]:
| Multiple integer overflows in (1) filter/image-png.c and (2)
| filter/image-zoom.c in CUPS 1.3 allow attackers to cause a denial of
| service (crash) and trigger memory corruption, as demonstrated via a
| crafted PNG image.

Patch:
http://www.cups.org/strfiles/2790/str2790.patch

If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1722
    http://security-tracker.debian.net/tracker/CVE-2008-1722

-- 
Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
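
The bug class the CVE text above describes, as an added illustration (not code from CUPS or from the STR #2790 patch): an image buffer size computed from untrusted dimensions in 32-bit arithmetic wraps to a small value, while a checked calculation rejects the image. The function names, the 256 MiB cap and the sample dimensions are assumptions made for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical cap on a decoded image buffer (assumption: 256 MiB). */
#define MAX_IMAGE_BYTES ((size_t)1 << 28)

/* Unchecked: the product is evaluated modulo 2^32, so large dimensions
 * wrap around to a size far smaller than the pixel data needs. */
static uint32_t unchecked_size(uint32_t width, uint32_t height, uint32_t bpp)
{
    return width * height * bpp;
}

/* Checked: divide before multiplying so no intermediate can overflow.
 * Returns 0 and stores the size in *out, or -1 if the image is rejected. */
static int checked_size(uint32_t width, uint32_t height, uint32_t bpp,
                        size_t *out)
{
    size_t row;

    if (width == 0 || height == 0 || bpp == 0)
        return -1;
    if (width > MAX_IMAGE_BYTES / bpp)
        return -1;
    row = (size_t)width * bpp;          /* <= MAX_IMAGE_BYTES */
    if (height > MAX_IMAGE_BYTES / row)
        return -1;
    *out = row * height;                /* <= MAX_IMAGE_BYTES */
    return 0;
}

int main(void)
{
    /* Constructed sample dimensions whose product exceeds 32 bits. */
    uint32_t w = 65536, h = 65537, bpp = 4;
    size_t n = 0;

    printf("unchecked: %u bytes\n", (unsigned)unchecked_size(w, h, bpp));
    printf("checked:   %s\n",
           checked_size(w, h, bpp, &n) == 0 ? "accepted" : "rejected");
    if (checked_size(640, 480, 4, &n) == 0)
        printf("640x480x4: %zu bytes\n", n);
    return 0;
}
```

An allocation sized by the unchecked result would be 256 KiB for an image that needs about 16 GiB, which is the mismatch that leads to the crash and memory corruption the CVE entry mentions.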

Information forwarded to debian-bugs-dist@lists.debian.org, Debian CUPS Maintainers <pkg-cups-devel@lists.alioth.debian.org>:
Bug#476305; Package cupsys.


Acknowledgement sent to Nico Golde <nion@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian CUPS Maintainers <pkg-cups-devel@lists.alioth.debian.org>.


Message #10 received at 476305@bugs.debian.org:

From: Nico Golde <nion@debian.org>
To: 476305@bugs.debian.org
Subject: intent to NMU
Date: Mon, 21 Apr 2008 13:37:46 +0200
Hi,
debdiff attached and also archived on:
http://people.debian.org/~nion/nmu-diff/cupsys-1.3.7-1_1.3.7-1.1.patch

Kind regards
Nico

-- 
Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
[cupsys-1.3.7-1_1.3.7-1.1.patch (text/x-diff, attachment)]

Information forwarded to debian-bugs-dist@lists.debian.org, Debian CUPS Maintainers <pkg-cups-devel@lists.alioth.debian.org>:
Bug#476305; Package cupsys.


Acknowledgement sent to Martin Pitt <mpitt@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian CUPS Maintainers <pkg-cups-devel@lists.alioth.debian.org>.


Message #15 received at 476305@bugs.debian.org:

From: Martin Pitt <mpitt@debian.org>
To: Nico Golde <nion@debian.org>, 476305@bugs.debian.org
Subject: Re: [Pkg-cups-devel] Bug#476305: intent to NMU
Date: Mon, 21 Apr 2008 17:43:38 +0200
Hi Nico,

Nico Golde [2008-04-21 13:37 +0200]:
> Hi,
> debdiff attached and also archived on:
> http://people.debian.org/~nion/nmu-diff/cupsys-1.3.7-1_1.3.7-1.1.patch

Thanks, I'll get a new upload done within the hour.

Martin
-- 
Martin Pitt                        | http://www.piware.de
Ubuntu Developer (www.ubuntu.com)  | Debian Developer  (www.debian.org)

Reply sent to Martin Pitt <mpitt@debian.org>:
You have taken responsibility.


Notification sent to Nico Golde <nion@debian.org>:
Bug acknowledged by developer.


Message #20 received at 476305-close@bugs.debian.org:

From: Martin Pitt <mpitt@debian.org>
To: 476305-close@bugs.debian.org
Subject: Bug#476305: fixed in cupsys 1.3.7-2
Date: Mon, 21 Apr 2008 22:47:13 +0000
Source: cupsys
Source-Version: 1.3.7-2

We believe that the bug you reported is fixed in the latest version of
cupsys, which is due to be installed in the Debian FTP archive:

cupsys-bsd_1.3.7-2_amd64.deb
  to pool/main/c/cupsys/cupsys-bsd_1.3.7-2_amd64.deb
cupsys-client_1.3.7-2_amd64.deb
  to pool/main/c/cupsys/cupsys-client_1.3.7-2_amd64.deb
cupsys-common_1.3.7-2_all.deb
  to pool/main/c/cupsys/cupsys-common_1.3.7-2_all.deb
cupsys-dbg_1.3.7-2_amd64.deb
  to pool/main/c/cupsys/cupsys-dbg_1.3.7-2_amd64.deb
cupsys_1.3.7-2.diff.gz
  to pool/main/c/cupsys/cupsys_1.3.7-2.diff.gz
cupsys_1.3.7-2.dsc
  to pool/main/c/cupsys/cupsys_1.3.7-2.dsc
cupsys_1.3.7-2_amd64.deb
  to pool/main/c/cupsys/cupsys_1.3.7-2_amd64.deb
libcupsimage2-dev_1.3.7-2_amd64.deb
  to pool/main/c/cupsys/libcupsimage2-dev_1.3.7-2_amd64.deb
libcupsimage2_1.3.7-2_amd64.deb
  to pool/main/c/cupsys/libcupsimage2_1.3.7-2_amd64.deb
libcupsys2-dev_1.3.7-2_amd64.deb
  to pool/main/c/cupsys/libcupsys2-dev_1.3.7-2_amd64.deb
libcupsys2_1.3.7-2_amd64.deb
  to pool/main/c/cupsys/libcupsys2_1.3.7-2_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 476305@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Martin Pitt <mpitt@debian.org> (supplier of updated cupsys package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


Format: 1.8
Date: Mon, 21 Apr 2008 19:06:55 +0200
Source: cupsys
Binary: libcupsys2 libcupsimage2 cupsys cupsys-client libcupsys2-dev libcupsimage2-dev cupsys-bsd cupsys-common cupsys-dbg
Architecture: source all amd64
Version: 1.3.7-2
Distribution: unstable
Urgency: high
Maintainer: Debian CUPS Maintainers <pkg-cups-devel@lists.alioth.debian.org>
Changed-By: Martin Pitt <mpitt@debian.org>
Description: 
 cupsys     - Common UNIX Printing System(tm) - server
 cupsys-bsd - Common UNIX Printing System(tm) - BSD commands
 cupsys-client - Common UNIX Printing System(tm) - client programs (SysV)
 cupsys-common - Common UNIX Printing System(tm) - common files
 cupsys-dbg - Common UNIX Printing System(tm) - debugging symbols
 libcupsimage2 - Common UNIX Printing System(tm) - image libs
 libcupsimage2-dev - Common UNIX Printing System(tm) - image development files
 libcupsys2 - Common UNIX Printing System(tm) - libs
 libcupsys2-dev - Common UNIX Printing System(tm) - development files
Closes: 475887 476305 476495
Changes: 
 cupsys (1.3.7-2) unstable; urgency=high
 .
   [ Martin Pitt ]
   * debian/control: Add missing build dependency lsb-release. (LP: #211375)
     Also wrap long fields, so that they are easier to edit.
   * Drop pdftops-wait-eintr.dpatch, an improved version has been committed
     upstream. Integrate the upstream solution into pdftops-cups-1.4.dpatch.
   * Add pdftops-dont_fail_on_cancel.dpatch: Fix behavioural change in patch
     from STR #2780 which broke the test suite: When a job is cancelled, do not
     report a failure in the exit code of pdftops.
   * Rebuild against fixed debhelper to properly compress manpages again (see
     #470913). (Closes: #475887, #476495)
 .
   [ Nico Golde ]
   * Add debian/patches/CVE-2008-1722.dpatch: Two integer overflows in png
     image filter allow a denial of service attack and possibly arbitrary code
     execution. [STR #2790, CVE-2008-1722] (Closes: #476305).


Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Tue, 10 Jun 2008 07:29:35 GMT)


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 13:28:50 2019; Machine Name: beach