Hi, I have released cups-filters 1.0.71 now, with the following fixes:
- texttopdf: The Page allocation is moved into textcommon.c, where it does all the necessary checking: lower-bounds for CVE-2015-3258 and upper-bounds for CVE-2015-3259 due to integer overflows for the calloc() call initialising Page[0] and the memset() call in texttopdf.c's WritePage() function zeroing the entire array. Thanks to Tim Waugh from Red Hat for the patch. - texttopdf: Upper-bounds checking (CVE-2015-3259). Till -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/[email protected]
