Author: nion
Date: 2008-06-13 18:02:33 +0000 (Fri, 13 Jun 2008)
New Revision: 9064
Modified:
data/CVE/list
data/packages/removed-packages
Log:
cupsys was renamed in cups
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-06-13 16:45:44 UTC (rev 9063)
+++ data/CVE/list 2008-06-13 18:02:33 UTC (rev 9064)
@@ -2097,7 +2097,8 @@
CVE-2008-1723
RESERVED
CVE-2008-1722 (Multiple integer overflows in (1) filter/image-png.c and (2)
...)
- - cupsys 1.3.7-2 (medium; bug #476305)
+ - cups 1.3.7-2 (medium; bug #476305)
+ - cupsys <removed> (medium; bug #476305)
CVE-2008-1721 (Integer signedness error in the zlib extension module in Python
2.5.2 ...)
{DSA-1551-1}
- python2.4 2.4.5-2
@@ -2863,7 +2864,8 @@
CVE-2007-6711 (Unspecified vulnerability in customer.php in FreeWebshop.org
2.2.5, ...)
NOT-FOR-US: FreeWebShop.org
CVE-2005-4873 (Multiple stack-based buffer overflows in the phpcups PHP module
for ...)
- - cupsys 1.1.23-10sarge1
+ - cups 1.1.23-10sarge1
+ - cupsys <removed>
CVE-2008-1476 (Cross-site scripting (XSS) vulnerability in Serendipity (S9Y)
before ...)
{DSA-1528-1}
- serendipity 1.3-1
@@ -2929,10 +2931,12 @@
{DSA-1565-1}
- linux-2.6 2.6.25-2 (low)
CVE-2008-1374 (Integer overflow in pdftops filter in CUPS in Red Hat
Enterprise Linux ...)
- - cupsys <not-affected> (Redhat-specific incomplete patch, upstream
patch is complete)
+ - cupsys <removed>
+ - cups <not-affected> (Redhat-specific incomplete patch, upstream patch
is complete)
CVE-2008-1373 (Buffer overflow in the gif_read_lzw in CUPS 1.3.6 allows remote
...)
{DTSA-122-1}
- - cupsys 1.3.7-1 (medium)
+ - cupsys <removed> (medium)
+ - cups 1.3.7-1 (medium)
CVE-2008-1372 (bzlib.c in bzip2 before 1.0.5 allows user-assisted remote
attackers to ...)
- bzip2 1.0.5-0.1 (low; bug #471670)
[etch] - bzip2 <no-dsa> (Pure crasher, no code injection, mostly a
regular bug)
@@ -4103,7 +4107,8 @@
NOTE: Seems Redhat specific
CVE-2008-0882 (Double free vulnerability in the process_browse_data function
in CUPS ...)
{DSA-1530-1 DTSA-117-1}
- - cupsys 1.3.6-1 (medium; bug #467653)
+ - cupsys <removed> (medium; bug #467653)
+ - cups 1.3.6-1 (medium; bug #467653)
[sarge] - cupsys <no-dsa> (Remote DoS is minor issue)
CVE-2008-0881 (SQL injection vulnerability in modules.php in the Okul 1.0
module for ...)
NOT-FOR-US: Okul module for PHP-Nuke
@@ -4730,10 +4735,12 @@
CVE-2008-0598
RESERVED
CVE-2008-0597 (Use-after-free vulnerability in CUPS before 1.1.22, and
possibly other ...)
- - cupsys 1.2
+ - cups 1.2
+ - cupsys <removed>
NOTE: (mimeDeleteType included since 1.2.x
CVE-2008-0596 (Memory leak in CUPS before 1.1.22, and possibly other versions,
allows ...)
- - cupsys 1.3.6
+ - cupsys <removed>
+ - cups 1.3.6
NOTE: version in unstable has better array handling and is not
vulnerable, exact version unknown
TODO: validate exact fixed version
CVE-2008-0595 (dbus-daemon in D-Bus before 1.0.3, and 1.1.x before 1.1.20,
recognizes ...)
@@ -6087,7 +6094,8 @@
CVE-2008-0054 (Foundation in Apple Mac OS X 10.4.11 might allow
context-dependent ...)
NOT-FOR-US: Apple Mac OS X
CVE-2008-0053 (Multiple buffer overflows in the HP-GL/2-to-PostScript filter
in CUPS ...)
- - cupsys 1.3.6-1
+ - cupsys <removed>
+ - cups 1.3.6-1
NOTE: https://bugzilla.redhat.com/attachment.cgi?id=298651
CVE-2008-0052 (CoreServices in Apple Mac OS X 10.4.11 treats .ief as a safe
file ...)
NOT-FOR-US: Apple Mac OS X
@@ -6101,7 +6109,8 @@
NOT-FOR-US: Apple Mac OS X
CVE-2008-0047 (Heap-based buffer overflow in the cgiCompileSearch function in
CUPS ...)
{DSA-1530-1}
- - cupsys 1.3.6-3 (medium; bug #472105)
+ - cupsys <removed> (medium; bug #472105)
+ - cups 1.3.6-3 (medium; bug #472105)
[sarge] - cupsys <not-affected> (Vulnerable code not present)
CVE-2008-0046 (The Application Firewall in Apple Mac OS X 10.5.2 has an
incorrect ...)
NOT-FOR-US: Apple Mac OS X
@@ -6820,7 +6829,8 @@
[etch] - apache 1.3.34-4.1+etch1
CVE-2007-6358 (pdftops.pl before 1.20 in alternate pdftops filter allows local
users ...)
{DSA-1437-1}
- - cupsys 1.3.5-1 (low; bug #456960)
+ - cups 1.3.5-1 (low; bug #456960)
+ - cupsys <removed> (low; bug #456960)
[sarge] - cupsys <no-dsa> (Minor issue)
NOTE: the debian package is a bit confusing here as it also ships a
pdftops
NOTE: wrapper script as an example but the original script is installed
@@ -8254,10 +8264,12 @@
NOT-FOR-US: Desktop Services (Apple Mac OS X)
CVE-2007-5849 (Integer underflow in the asn1_get_string function in the SNMP
back end ...)
{DSA-1437-1}
- - cupsys 1.3.5-1 (medium; bug #457453)
+ - cupsys <removed> (medium; bug #457453)
+ - cups 1.3.5-1 (medium; bug #457453)
[sarge] - cupsys <not-affected> (Vulnerable code not present)
CVE-2007-5848 (Buffer overflow in CUPS in Apple Mac OS X 10.4.11 allows local
admin ...)
- - cupsys 1.2.0
+ - cupsys <removed>
+ - cups 1.2.0
NOTE: This only affects the Cups 1.1 series
[sarge] - cupsys <no-dsa> (Minor issue, may only lead to an infinite
loop)
CVE-2007-5847 (Race condition in the CFURLWriteDataAndPropertiesToResource API
in ...)
@@ -9955,13 +9967,14 @@
- xpdf 3.02-1.3 (medium; bug #450629)
- koffice 1:1.6.3-4 (medium; bug #450631)
- libextractor 0.5.9-1
- - cupsys 1.1.22-7
+ - cupsys <removed>
+ - cups 1.1.22-7
- gpdf <removed>
- pdftohtml <removed>
[etch] - pdftohtml 0.36-13etch1
- tetex-bin 3.0-12
NOTE: pdftex links to poppler since 3.0-12, thus marking as fixed
- - cupsys <not-affected> (we use xpdf-utils in sarge and poppler-utils
since etch to not embedd this code)
+ - cups <not-affected> (we use xpdf-utils in sarge and poppler-utils
since etch to not embedd this code)
NOTE: cups uses xpdf-utils and poppler-utils
- libextractor 0.5.12-1
NOTE: libextractor uses internal pdf decoder since 0.5.12-1, thus
marking as fixed
@@ -9973,13 +9986,14 @@
- xpdf 3.02-1.3 (medium; bug #450629)
- koffice 1:1.6.3-4 (medium; bug #450631)
- libextractor 0.5.9-1
- - cupsys 1.1.22-7
+ - cupsys <removed>
+ - cups 1.1.22-7
- gpdf <removed>
- pdftohtml <removed>
[etch] - pdftohtml 0.36-13etch1
- tetex-bin 3.0-12
NOTE: pdftex links to poppler since 3.0-12, thus marking as fixed
- - cupsys <not-affected> (we use xpdf-utils in sarge and poppler-utils
since etch to not embedd this code)
+ - cups <not-affected> (we use xpdf-utils in sarge and poppler-utils
since etch to not embedd this code)
NOTE: cups uses xpdf-utils and poppler-utils
- libextractor 0.5.12-1
NOTE: libextractor uses internal pdf decoder since 0.5.12-1, thus
marking as fixed
@@ -12756,19 +12770,21 @@
- xpdf 3.02-1.3 (medium; bug #450629)
- koffice 1:1.6.3-4 (medium; bug #450631)
- libextractor 0.5.9-1
- - cupsys 1.1.22-7
+ - cupsys <removed>
+ - cups 1.1.22-7
- gpdf <removed>
- pdftohtml <removed>
[etch] - pdftohtml 0.36-13etch1
- tetex-bin 3.0-12
NOTE: pdftex links to poppler since 3.0-12, thus marking as fixed
- - cupsys <not-affected> (we use xpdf-utils in sarge and poppler-utils
since etch to not embedd this code)
+ - cups <not-affected> (we use xpdf-utils in sarge and poppler-utils
since etch to not embedd this code)
NOTE: cups uses xpdf-utils and poppler-utils
- libextractor 0.5.12-1
NOTE: libextractor uses internal pdf decoder since 0.5.12-1, thus
marking as fixed
CVE-2007-4351 (Off-by-one error in the ippReadIO function in cups/ipp.c in
CUPS 1.3.3 ...)
{DSA-1407-1 DTSA-81-1}
- - cupsys 1.3.4-1 (medium; bug #448866)
+ - cupsys <removed> (medium; bug #448866)
+ - cups 1.3.4-1 (medium; bug #448866)
[sarge] - cupsys <not-affected> (Only vulnerable to code injection
since 1.2.x, effects are harmless otherwise)
CVE-2007-4350
RESERVED
@@ -13447,7 +13463,8 @@
CVE-2007-4046 (SQL injection vulnerability in index.php in the Pony Gallery
...)
NOT-FOR-US: Pony Gallery
CVE-2007-4045 (The CUPS service, as used in SUSE Linux before 20070720 and
other ...)
- - cupsys 1.2
+ - cupsys <removed>
+ - cups 1.2
NOTE: Since 1.2 allocation has changed and this issue is no longer
exploitable
CVE-2007-4044
REJECTED
@@ -15048,7 +15065,8 @@
[etch] - pdftohtml 0.36-13etch1
- tetex-bin 3.0-12
NOTE: pdftex links to poppler since 3.0-12, thus marking as fixed
- - cupsys <not-affected> (unimportant; bug #436099)
+ - cupsys <removed> (unimportant; bug #436099)
+ - cups <not-affected> (unimportant; bug #436099)
NOTE: cups uses xpdf-utils
- pdfkit.framework 0.8-4
NOTE: links to poppler since 0.8-4, thus marking as fixed
@@ -21935,7 +21953,8 @@
CVE-2007-0721 (Unspecified vulnerability in diskimages-helper in Apple Mac OS
X ...)
NOT-FOR-US: Apple Mac
CVE-2007-0720 (The CUPS service on multiple platforms allows remote attackers
to ...)
- - cupsys 1.2.7-1 (bug #434734; low)
+ - cups 1.2.7-1 (bug #434734; low)
+ - cupsys <removed> (bug #434734; low)
[sarge] - cupsys <no-dsa> (Minor, conceptual design problem)
[etch] - cupsys <no-dsa> (Minor, conceptual design problem)
CVE-2007-0719 (Stack-based buffer overflow in Apple Mac OS X 10.3.9 and 10.4
through ...)
@@ -42396,7 +42415,8 @@
- libextractor 0.5.9-1
- pdfkit.framework 0.8-4
- pdftohtml 0.36-12
- - cupsys 1.1.22-7
+ - cupsys <removed>
+ - cups 1.1.22-7
NOTE: cupsys switched to an external PDF implementation in 1.1.22-7.
- tetex-bin 3.0-12
NOTE: tetex-bin switched to poppler in 3.0-12.
@@ -42410,7 +42430,8 @@
- libextractor 0.5.9-1
- pdfkit.framework 0.8-4
- pdftohtml 0.36-12
- - cupsys 1.1.22-7
+ - cupsys <removed>
+ - cups 1.1.22-7
NOTE: cupsys switched to an external PDF implementation in 1.1.22-7.
- tetex-bin 3.0-12
NOTE: tetex-bin switched to poppler in 3.0-12.
@@ -42424,7 +42445,8 @@
- libextractor 0.5.9-1
- pdfkit.framework 0.8-4
- pdftohtml 0.36-12
- - cupsys 1.1.22-7
+ - cupsys <removed>
+ - cups 1.1.22-7
NOTE: cupsys switched to an external PDF implementation in 1.1.22-7.
- tetex-bin 3.0-12
NOTE: tetex-bin switched to poppler in 3.0-12.
@@ -42439,7 +42461,8 @@
- libextractor 0.5.9-1
- pdfkit.framework 0.8-4
- pdftohtml 0.36-12
- - cupsys 1.1.22-7
+ - cups 1.1.22-7
+ - cupsys <removed>
NOTE: cupsys switched to an external PDF implementation in 1.1.22-7.
NOTE: tetex-bin switched to poppler in 3.0-12.
CVE-2005-3624 (The CCITTFaxStream::CCITTFaxStream function in Stream.cc for
xpdf, ...)
@@ -42453,7 +42476,8 @@
- libextractor 0.5.9-1
- pdfkit.framework 0.8-4
- pdftohtml 0.36-12
- - cupsys 1.1.22-7
+ - cups 1.1.22-7
+ - cupsys <removed>
NOTE: cupsys switched to an external PDF implementation in 1.1.22-7.
NOTE: tetex-bin switched to poppler in 3.0-12.
CVE-2005-3623 (nfs2acl.c in the Linux kernel 2.6.14.4 does not check for
MAY_SATTR ...)
@@ -43922,7 +43946,8 @@
- tetex-bin 3.0-11 (bug #342292; medium)
- koffice <not-affected> (Vulnerable xpdf code not contained)
- libextractor 0.5.8-1 (medium)
- - cupsys 1.1.23-13 (unimportant)
+ - cupsys <removed> (unimportant)
+ - cups 1.1.23-13 (unimportant)
- pdfkit.framework 0.8-4
CVE-2005-3192 (Heap-based buffer overflow in the StreamPredictor function in
Xpdf ...)
{DSA-1019-1 DSA-983-1 DSA-962-1 DSA-961-1 DSA-950-1 DSA-940-1 DSA-937-1
DSA-936-1 DSA-932-1 DSA-931-1}
@@ -43936,7 +43961,8 @@
- tetex-bin 3.0-11 (bug #342292; medium)
- koffice 1:1.4.2-5 (bug #342294; medium)
- libextractor 0.5.8-1 (medium)
- - cupsys 1.1.23-13 (unimportant)
+ - cupsys <removed> (unimportant)
+ - cups 1.1.23-13 (unimportant)
- pdfkit.framework 0.8-4
CVE-2005-3191 (Multiple heap-based buffer overflows in the (1) ...)
{DSA-984-1 DSA-983-1 DSA-982-1 DSA-979-1 DSA-962-1 DSA-961-1 DSA-950-1
DSA-940-1 DSA-938-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1}
@@ -43950,7 +43976,8 @@
- tetex-bin 3.0-11 (bug #342292; medium)
- koffice 1:1.4.2-5 (bug #342294; medium)
- libextractor 0.5.8-1 (medium)
- - cupsys 1.1.23-13 (unimportant)
+ - cups 1.1.23-13 (unimportant)
+ - cupsys <removed> (unimportant)
CVE-2005-3190 (Buffer overflow in Computer Associates (CA) iGateway 3.0 and
4.0 ...)
NOT-FOR-US: iGateway
CVE-2005-3189 (Directory traversal vulnerability in Qualcomm WorldMail IMAP
Server ...)
@@ -44816,7 +44843,8 @@
{DSA-856-1}
- py2play 0.1.8-1 (bug #326976; medium)
CVE-2005-2874 (The is_path_absolute function in scheduler/client.c for the
daemon in ...)
- - cupsys 1.1.23-1 (unknown)
+ - cups 1.1.23-1 (unknown)
+ - cupsys <removed> (unknown)
CVE-2005-2871 (Buffer overflow in the International Domain Name (IDN) support
in ...)
{DSA-868-1 DSA-866-1 DSA-837-1}
- mozilla-firefox 1.0.6-5 (bug #327452; bug #327802; bug #327366;
medium)
@@ -47359,7 +47387,8 @@
NOT-FOR-US: HP-UX
CVE-2001-1508 (Buffer overflow in lpstat in SCO OpenServer 5.0 through 5.0.6a
allows ...)
- lprng <not-affected> (Not suid in Debian)
- - cupsys <not-affected> (Not suid in Debian)
+ - cups <not-affected> (Not suid in Debian)
+ - cupsys <removed>
CVE-2001-1507 (OpenSSH before 3.0.1 with Kerberos V enabled does not properly
...)
- openssh 1:3.0.1
CVE-2000-1237 (The POP3 server in FTGate returns an -ERR code after receiving
an ...)
@@ -47811,7 +47840,8 @@
CVE-2005-2117 (Web View in Windows Explorer on Microsoft Windows 2000 SP4, XP
SP1 and ...)
NOT-FOR-US: Windows
CVE-2004-2154 (CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf
as ...)
- - cupsys 1.1.20final+rc1-1 (low)
+ - cups 1.1.20final+rc1-1 (low)
+ - cupsys <removed> (low)
CVE-2005-2116
REJECTED
CVE-2005-2115 (Soldier of Fortune II 1.02x and 1.03 allows remote attackers to
cause ...)
@@ -47871,7 +47901,8 @@
[sarge] - tetex-bin <not-affected> (tetex2 uses an older version, which
is not affected)
- gpdf 2.10.0-4 (bug #334454; low)
NOTE: Cups switched to xpdf-utils
- - cupsys 1.1.22-7 (bug #324464)
+ - cupsys <removed> (bug #324464)
+ - cups 1.1.22-7 (bug #324464)
[woody] - cupsys <not-affected> (Vulnerable code not present)
- poppler 0.4.0-1 (low)
- libextractor 0.5.8-1 (medium)
@@ -55155,7 +55186,8 @@
- kdegraphics <not-affected> (Initial Debian fix was already correct)
- tetex-bin <not-affected> (Initial Debian fix was already correct)
- pdftohtml <not-affected> (Initial Debian fix was already correct)
- - cupsys 1.1.22-7
+ - cups 1.1.22-7
+ - cupsys <removed>
NOTE: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=135393
NOTE: cupsys uses an external xpdf now.
CVE-2005-0205 (KPPP 2.1.2 in KDE 3.1.5 and earlier, when setuid root without
certain ...)
@@ -55555,7 +55587,8 @@
- pdftohtml 0.36-11
- kdegraphics 4:3.3.2-2
- tetex-bin 2.0.2-26
- - cupsys 1.1.22-6 (bug #324459)
+ - cupsys <removed> (bug #324459)
+ - cups 1.1.22-6 (bug #324459)
NOTE: cupsys switched to an xpdf-utils wrapper in version 1.1.22-6.
NOTE: In version 1.1.23-13, the dormant code in the source
NOTE: package was fixed.
@@ -55947,13 +55980,17 @@
CVE-2004-1271 (Buffer overflow in the dxfin function in d.c for dxfscope 0.2
allows ...)
NOT-FOR-US: dxfscope
CVE-2004-1270 (lppasswd in CUPS 1.1.22, when run in environments that do not
ensure ...)
- - cupsys 1.1.22-2
+ - cups 1.1.22-2
+ - cupsys <removed>
CVE-2004-1269 (lppasswd in CUPS 1.1.22 does not remove the passwd.new file if
it ...)
- - cupsys 1.1.22-2
+ - cups 1.1.22-2
+ - cupsys <removed>
CVE-2004-1268 (lppasswd in CUPS 1.1.22 ignores write errors when modifying the
CUPS ...)
- - cupsys 1.1.22-2
+ - cups 1.1.22-2
+ - cupsys <removed>
CVE-2004-1267 (Buffer overflow in the ParseCommand function in hpgl-input.c in
the ...)
- - cupsys 1.1.22-2
+ - cups 1.1.22-2
+ - cupsys <removed>
CVE-2004-1266 (Buffer overflow in the get_field_headers function in
csv2xml.cpp for ...)
NOT-FOR-US: csv2xml
CVE-2004-1265 (Buffer overflow in the readObjectChunk function in 3dsimp.cpp
for the ...)
@@ -56283,7 +56320,8 @@
CVE-2004-1125 (Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf
3.00, ...)
{DSA-621-1 DSA-619-1}
- xpdf 3.00-11
- - cupsys 1.1.22-2
+ - cupsys <removed>
+ - cups 1.1.22-2
- tetex-bin 2.0.2-25
- gpdf 2.8.2-1
- koffice 1:1.3.5-1
@@ -56805,7 +56843,8 @@
NOT-FOR-US: MacOS
CVE-2004-0923 (CUPS 1.1.20 and earlier records authentication information for
a ...)
{DSA-566-1}
- - cupsys 1.1.20final+rc1-9
+ - cupsys <removed>
+ - cups 1.1.20final+rc1-9
CVE-2004-0922 (AFP Server on Mac OS X 10.3.x to 10.3.5, under certain
conditions, ...)
NOT-FOR-US: MacOS
CVE-2004-0921 (AFP Server on Mac OS X 10.3.x to 10.3.5, when a guest has
mounted an ...)
@@ -56909,7 +56948,8 @@
- xpdf 3.00-9
- gpdf 2.8.0-1
- kdegraphics 4:3.3.1-1 (bug #280373)
- - cupsys 1.1.22-6 (bug #324460)
+ - cupsys <removed> (bug #324460)
+ - cups 1.1.22-6 (bug #324460)
NOTE: cupsys switched to an xpdf-utils wrapper in version 1.1.22-6.
NOTE: In version 1.1.20final+rc1-10, the dormant code in the source
NOTE: package was fixed.
@@ -57733,7 +57773,8 @@
- usermin 1.090-1
CVE-2004-0558 (The Internet Printing Protocol (IPP) implementation in CUPS
before ...)
{DSA-545-1}
- - cupsys 1.1.20final+rc1-6
+ - cupsys <removed>
+ - cups 1.1.20final+rc1-6
CVE-2004-0557 (Multiple buffer overflows in the st_wavstartread function in
wav.c for ...)
{DSA-565-1}
- sox 12.17.4-9 (bug #262083)
@@ -59397,7 +59438,8 @@
CVE-2003-0789 (mod_cgid in Apache before 2.0.48, when using a threaded MPM,
does not ...)
- apache2 2.0.48
CVE-2003-0788 (Unknown vulnerability in the Internet Printing Protocol (IPP)
...)
- - cupsys 1.1.19
+ - cupsys <removed>
+ - cups 1.1.19
CVE-2003-0787 (The PAM conversation function in OpenSSH 3.7.1 and 3.7.1p1
interprets ...)
- openssh 1:3.7.1p2
CVE-2003-0786 (The SSH1 PAM challenge response authentication in OpenSSH 3.7.1
and ...)
@@ -60765,7 +60807,8 @@
- samba 3.0
CVE-2003-0195 (CUPS before 1.1.19 allows remote attackers to cause a denial of
...)
{DSA-317}
- - cupsys 1.1.19final-1
+ - cupsys <removed>
+ - cups 1.1.19final-1
CVE-2003-0194 (tcpdump does not properly drop privileges to the pcap user when
...)
- tcpdump <not-affected> (Apparently a Red Hat specific compilation
packaging flaw)
CVE-2003-0193 (msxlsview.sh in xlsview for catdoc 0.91 and earlier allows
local users ...)
@@ -61347,7 +61390,8 @@
- traceroute-nanog 6.3.0-1
CVE-2002-1383 (Multiple integer overflows in Common Unix Printing System
(CUPS) ...)
{DSA-232}
- - cupsys 1.1.18-1
+ - cupsys <removed>
+ - cups 1.1.18-1
CVE-2002-1379 (OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows remote or local
...)
{DSA-227}
- openldap2 2.0.27-3
@@ -61361,7 +61405,8 @@
REJECTED
CVE-2002-1368 (Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows
remote ...)
{DSA-232}
- - cupsys 1.1.18-1
+ - cupsys <removed>
+ - cups 1.1.18-1
CVE-2002-1360 (Multiple SSH2 servers and clients do not properly handle
strings with ...)
- openssh <not-affected> (OpenSSH not vulnerable)
CVE-2002-1359 (Multiple SSH2 servers and clients do not properly handle large
packets ...)
@@ -62792,7 +62837,8 @@
{DSA-232 DSA-226 DSA-222}
- xpdf-i 2.01-2
- xpdf 2.01-2
- - cupsys 1.1.18-1
+ - cups 1.1.18-1
+ - cupsys <removed>
CVE-2002-1382 (Macromedia Flash Player before 6.0.65.0 allows remote attackers
to ...)
- flashplugin-nonfree 6.0.69-1
CVE-2002-1381 (Format string vulnerability in daemon.c for Exim 4.x through
4.10, and ...)
@@ -62821,19 +62867,24 @@
- mysql <removed>
CVE-2002-1372 (Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does
not ...)
{DSA-232}
- - cupsys 1.1.18-1
+ - cupsys <removed>
+ - cups 1.1.18-1
CVE-2002-1371 (filters/image-gif.c in Common Unix Printing System (CUPS)
1.1.14 ...)
{DSA-232}
- - cupsys 1.1.18-1
+ - cupsys <removed>
+ - cups 1.1.18-1
CVE-2002-1369 (jobs.c in Common Unix Printing System (CUPS) 1.1.14 through
1.1.17 ...)
{DSA-232}
- - cupsys 1.1.18-1
+ - cupsys <removed>
+ - cups 1.1.18-1
CVE-2002-1367 (Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows
remote ...)
{DSA-232}
- - cupsys 1.1.18-1
+ - cupsys <removed>
+ - cups 1.1.18-1
CVE-2002-1366 (Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows
local ...)
{DSA-232}
- - cupsys 1.1.18-1
+ - cupsys <removed>
+ - cups 1.1.18-1
CVE-2002-1365 (Heap-based buffer overflow in Fetchmail 6.1.3 and earlier does
not ...)
{DSA-216}
- fetchmail 6.2.0-1
Modified: data/packages/removed-packages
===================================================================
--- data/packages/removed-packages 2008-06-13 16:45:44 UTC (rev 9063)
+++ data/packages/removed-packages 2008-06-13 18:02:33 UTC (rev 9064)
@@ -68,3 +68,4 @@
apache-perl
freenet6
thunderbird
+cupsys
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
