Описание
Security update for cups-filters
cups-filters was updated to fix two security issues.
These security issues were fixed:
- CVE-2015-3279: Texttopdf integer overflow (incomplete fix for CVE-2015-3258) (bsc#937018).
- CVE-2015-3258: Texttopdf heap-based buffer overflow (bsc#936281).
Список пакетов
SUSE Linux Enterprise Desktop 12
cups-filters-1.0.58-8.1
cups-filters-cups-browsed-1.0.58-8.1
cups-filters-foomatic-rip-1.0.58-8.1
cups-filters-ghostscript-1.0.58-8.1
SUSE Linux Enterprise Server 12
cups-filters-1.0.58-8.1
cups-filters-cups-browsed-1.0.58-8.1
cups-filters-foomatic-rip-1.0.58-8.1
cups-filters-ghostscript-1.0.58-8.1
SUSE Linux Enterprise Server for SAP Applications 12
cups-filters-1.0.58-8.1
cups-filters-cups-browsed-1.0.58-8.1
cups-filters-foomatic-rip-1.0.58-8.1
cups-filters-ghostscript-1.0.58-8.1
Ссылки
- Link for SUSE-SU-2015:1377-1
- E-Mail link for SUSE-SU-2015:1377-1
- SUSE Security Ratings
- SUSE Bug 936281
- SUSE Bug 937018
- SUSE CVE CVE-2015-3258 page
- SUSE CVE CVE-2015-3279 page
Описание
Heap-based buffer overflow in the WriteProlog function in filter/texttopdf.c in texttopdf in cups-filters before 1.0.70 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a small line size in a print job.
Затронутые продукты
SUSE Linux Enterprise Desktop 12:cups-filters-1.0.58-8.1
SUSE Linux Enterprise Desktop 12:cups-filters-cups-browsed-1.0.58-8.1
SUSE Linux Enterprise Desktop 12:cups-filters-foomatic-rip-1.0.58-8.1
SUSE Linux Enterprise Desktop 12:cups-filters-ghostscript-1.0.58-8.1
Ссылки
- CVE-2015-3258
- SUSE Bug 921753
- SUSE Bug 936281
- SUSE Bug 937018
Описание
Integer overflow in filter/texttopdf.c in texttopdf in cups-filters before 1.0.71 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted line size in a print job, which triggers a heap-based buffer overflow.
Затронутые продукты
SUSE Linux Enterprise Desktop 12:cups-filters-1.0.58-8.1
SUSE Linux Enterprise Desktop 12:cups-filters-cups-browsed-1.0.58-8.1
SUSE Linux Enterprise Desktop 12:cups-filters-foomatic-rip-1.0.58-8.1
SUSE Linux Enterprise Desktop 12:cups-filters-ghostscript-1.0.58-8.1
Ссылки
- CVE-2015-3279
- SUSE Bug 921753
- SUSE Bug 936281
- SUSE Bug 937018