Package: cups-filters / 1.0.61-5+deb8u3

Metadata

Package Version Patches format
cups-filters 1.0.61-5+deb8u3 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
r7303_browsed_support_BrowseAllow_all.patch | (download)

utils/cups-browsed.c | 14 11 + 3 - 0 !
utils/cups-browsed.conf.5 | 1 1 + 0 - 0 !
utils/cups-browsed.conf.in | 1 1 + 0 - 0 !
3 files changed, 13 insertions(+), 3 deletions(-)

 cups-browsed: support 'browseallow all'
Bug-Debian: https://bugs.debian.org/766334
r7333_fixed_a_security_bug_in_remove_bad_chars_failing_to_reliably_filter_out_illegal_characters.patch | (download)

utils/cups-browsed.c | 1 1 + 0 - 0 !
1 file changed, 1 insertion(+)

 cups-browsed: security fix: fixed a bug in the remove_bad_chars()
 failing to reliably filter out illegal characters if there are two
 or more subsequent illegal characters, allowing execution of
 arbitrary commands with the rights of the "lp" user, using forged
 print service announcements on DNS-SD servers (Bug #1265).
r7363 r7365_fixed_buffer_overflow_on_size_allocation_of_texttopdf.patch | (download)

filter/textcommon.c | 42 42 + 0 - 0 !
filter/texttopdf.c | 15 0 + 15 - 0 !
2 files changed, 42 insertions(+), 15 deletions(-)

 security fix: texttopdf: fixed buffer overflow on size allocation of texttopdf when working with extremely small line sizes, which causes the size calculation to result in 0.
r7406_also_consider_the_back_tick_as_an_illegal_shell_escape_character.patch | (download)

filter/foomatic-rip/util.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 foomatic-rip: security fix: also consider the back tick ('`') as
 an illegal shell escape character. Thanks to Michal Kowalczyk from the Google
 Security Team for the hint.
r7419_also_consider_the_semicolon_as_an_illegal_shell_escape_character.patch | (download)

filter/foomatic-rip/util.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 foomatic-rip: security fix: also consider the semicolon (';') as
 an illegal shell escape character. Thanks to Adam Chester for the hint.