Skip Quicknav

• About Debian
• News
• Getting Debian
• Support
• Developers' Corner
• Site map
• Search

Debian Security Advisory

DSA-110-1 cups -- buffer overflow

Date Reported:

13 Feb 2002

Affected Packages:

cupsys

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2002-0063.

More information:

The authors of CUPS, the Common UNIX Printing System, have found a potential buffer overflow bug in the code of the CUPS daemon where it reads the names of attributes. This affects all versions of CUPS.

This problem has been fixed in version 1.0.4-10 for the stable Debian distribution and version 1.1.13-2 for the current testing/unstable distribution.

We recommend that you upgrade your CUPS packages immediately if you have them installed.

Fixed in:

Debian GNU/Linux 2.2 (potato)

Source:

http://security.debian.org/dists/stable/updates/main/source/cupsys_1.0.4-10.dsc

http://security.debian.org/dists/stable/updates/main/source/cupsys_1.0.4-10.diff.gz

http://security.debian.org/dists/stable/updates/main/source/cupsys_1.0.4.orig.tar.gz

Alpha:

http://security.debian.org/dists/stable/updates/main/binary-alpha/cupsys-bsd_1.0.4-10_alpha.deb

http://security.debian.org/dists/stable/updates/main/binary-alpha/cupsys_1.0.4-10_alpha.deb

http://security.debian.org/dists/stable/updates/main/binary-alpha/libcupsys1-dev_1.0.4-10_alpha.deb

http://security.debian.org/dists/stable/updates/main/binary-alpha/libcupsys1_1.0.4-10_alpha.deb

ARM:

http://security.debian.org/dists/stable/updates/main/binary-arm/cupsys-bsd_1.0.4-10_arm.deb

http://security.debian.org/dists/stable/updates/main/binary-arm/cupsys_1.0.4-10_arm.deb

http://security.debian.org/dists/stable/updates/main/binary-arm/libcupsys1-dev_1.0.4-10_arm.deb

http://security.debian.org/dists/stable/updates/main/binary-arm/libcupsys1_1.0.4-10_arm.deb

Intel ia32:

http://security.debian.org/dists/stable/updates/main/binary-i386/cupsys-bsd_1.0.4-10_i386.deb

http://security.debian.org/dists/stable/updates/main/binary-i386/cupsys_1.0.4-10_i386.deb

http://security.debian.org/dists/stable/updates/main/binary-i386/libcupsys1-dev_1.0.4-10_i386.deb

http://security.debian.org/dists/stable/updates/main/binary-i386/libcupsys1_1.0.4-10_i386.deb

Motorola 680x0:

http://security.debian.org/dists/stable/updates/main/binary-m68k/cupsys-bsd_1.0.4-10_m68k.deb

http://security.debian.org/dists/stable/updates/main/binary-m68k/cupsys_1.0.4-10_m68k.deb

http://security.debian.org/dists/stable/updates/main/binary-m68k/libcupsys1-dev_1.0.4-10_m68k.deb

http://security.debian.org/dists/stable/updates/main/binary-m68k/libcupsys1_1.0.4-10_m68k.deb

PowerPC:

http://security.debian.org/dists/stable/updates/main/binary-powerpc/cupsys-bsd_1.0.4-10_powerpc.deb

http://security.debian.org/dists/stable/updates/main/binary-powerpc/cupsys_1.0.4-10_powerpc.deb

http://security.debian.org/dists/stable/updates/main/binary-powerpc/libcupsys1-dev_1.0.4-10_powerpc.deb

http://security.debian.org/dists/stable/updates/main/binary-powerpc/libcupsys1_1.0.4-10_powerpc.deb

Sun Sparc:

http://security.debian.org/dists/stable/updates/main/binary-sparc/cupsys-bsd_1.0.4-10_sparc.deb

http://security.debian.org/dists/stable/updates/main/binary-sparc/cupsys_1.0.4-10_sparc.deb

http://security.debian.org/dists/stable/updates/main/binary-sparc/libcupsys1-dev_1.0.4-10_sparc.deb

http://security.debian.org/dists/stable/updates/main/binary-sparc/libcupsys1_1.0.4-10_sparc.deb

MD5 checksums of the listed files are available in the original advisory.

This page is also available in the following languages:

dansk Deutsch español français 日本語 (Nihongo) Português svenska

How to set the default document language