Launchpad has imported 7 comments from the remote bug at https://bugzilla.redhat.com/show_bug.cgi?id=438303.
If you reply to an imported comment from within Launchpad, your comment will be sent to the remote bug automatically. Read more about Launchpad's inter-bugtracker facilities at https://help.launchpad.net/InterBugTracking. ------------------------------------------------------------------------ On 2008-03-20T10:16:46+00:00 Tomas wrote: It was discovered that GIF parsing code used by CUPS printing system is affected by similar issue as GIF parsers used by gd / netpbm / tk / SDL_image. Value of code_size read from GIF image is not properly validate before being used to initialize table array in gif_read_lzw(), causing a static buffer overflow. Issue is similar to: CVE-2006-4484 (gd), CVE-2007-6697 (SDL_image), CVE-2008-0553 (tk), CVE-2008-0554 (netpbm) Reply at: https://bugs.launchpad.net/ubuntu/+source/cupsys/+bug/210718/comments/0 ------------------------------------------------------------------------ On 2008-03-20T10:22:19+00:00 Tomas wrote: Created attachment 298680 Proposed patch Similar to fixed used in gd / tk / netpbm / SDL_image. Reply at: https://bugs.launchpad.net/ubuntu/+source/cupsys/+bug/210718/comments/1 ------------------------------------------------------------------------ On 2008-03-20T17:17:44+00:00 Tomas wrote: Tracked upstream via: http://www.cups.org/str.php?L2765 Reply at: https://bugs.launchpad.net/ubuntu/+source/cupsys/+bug/210718/comments/2 ------------------------------------------------------------------------ On 2008-04-01T16:20:20+00:00 Fedora wrote: cups-1.2.12-10.fc7 has been submitted as an update for Fedora 7 Reply at: https://bugs.launchpad.net/ubuntu/+source/cupsys/+bug/210718/comments/3 ------------------------------------------------------------------------ On 2008-04-09T05:11:48+00:00 Fedora wrote: cups-1.3.6-4.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report. Reply at: https://bugs.launchpad.net/ubuntu/+source/cupsys/+bug/210718/comments/8 ------------------------------------------------------------------------ On 2008-04-09T05:13:10+00:00 Fedora wrote: cups-1.2.12-10.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report. Reply at: https://bugs.launchpad.net/ubuntu/+source/cupsys/+bug/210718/comments/9 ------------------------------------------------------------------------ On 2008-04-09T06:22:11+00:00 Red wrote: This issue was addressed in: Red Hat Enterprise Linux: http://rhn.redhat.com/errata/RHSA-2008-0192.html http://rhn.redhat.com/errata/RHSA-2008-0206.html Fedora: https://admin.fedoraproject.org/updates/F7/FEDORA-2008-2897 https://admin.fedoraproject.org/updates/F8/FEDORA-2008-2131 Reply at: https://bugs.launchpad.net/ubuntu/+source/cupsys/+bug/210718/comments/10 ** Changed in: cupsys (Fedora) Importance: Unknown => Medium ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2006-4484 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2007-6697 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2008-0553 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2008-0554 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/210718 Title: CVE-2008-1373: CUPS GIF image filter overflow To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/cupsys/+bug/210718/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
