Package: cups-filters | Debian Sources

Package: cups-filters / 1.0.18-2.1+deb7u2

Metadata

Package	Version	Patches format
cups-filters	1.0.18-2.1+deb7u2	3.0 (quilt)

Patch series

view the series file

Patch	File delta	Description
fcfontsort no trim.patch \| (download)	filter/texttopdf.c \| 3 2 + 1 - 0 ! 1 file changed, 2 insertions(+), 1 deletion(-)	do not trim the results of fcfontsort(), as this may miss some reasonable candidates under certain circumstances. BTW, fix passing a non-pointer as a pointer to "result".
pdftoopvp SECURITY protect against arbitrary code execution.patch \| (download)	pdftoopvp/OPVPOutputDev.cxx \| 30 15 + 15 - 0 ! pdftoopvp/oprs/OPVPSplash.cxx \| 20 10 + 10 - 0 ! pdftoopvp/oprs/OPVPWrapper.cxx \| 6 6 + 0 - 0 ! 3 files changed, 31 insertions(+), 25 deletions(-)	pdftoopvp: security fix for cve-2013-6474, cve-2013-6475, and CVE-2013-6476: Introductionof gmallocn and gmallocn3 to protect against arbitrary code execution with the privileges of the "lp" user via malicious PDF files. Also restrict the directory from where OPVP drivers can get loaded.
r7363 r7365_fixed_buffer_overflow_on_size_allocation_of_texttopdf.patch \| (download)	filter/textcommon.c \| 42 42 + 0 - 0 ! filter/texttopdf.c \| 15 0 + 15 - 0 ! 2 files changed, 42 insertions(+), 15 deletions(-)	security fix: texttopdf: fixed buffer overflow on size allocation of texttopdf when working with extremely small line sizes, which causes the size calculation to result in 0.

Patch

File delta

Description

fcfontsort no trim.patch | (download)

filter/texttopdf.c | 3 2 + 1 - 0 !
1 file changed, 2 insertions(+), 1 deletion(-)

 do not trim the results of fcfontsort(),
 as this may miss some reasonable candidates under certain circumstances.
 BTW, fix passing a non-pointer as a pointer to "result".

pdftoopvp SECURITY protect against arbitrary code execution.patch | (download)

pdftoopvp/OPVPOutputDev.cxx | 30 15 + 15 - 0 !
pdftoopvp/oprs/OPVPSplash.cxx | 20 10 + 10 - 0 !
pdftoopvp/oprs/OPVPWrapper.cxx | 6 6 + 0 - 0 !
3 files changed, 31 insertions(+), 25 deletions(-)

 pdftoopvp: security fix for cve-2013-6474, cve-2013-6475,
 and CVE-2013-6476: Introductionof gmallocn and gmallocn3 to protect
 against arbitrary code execution with the privileges of the "lp" user
 via malicious PDF files. Also restrict the directory from where OPVP
 drivers can get loaded.

r7363 r7365_fixed_buffer_overflow_on_size_allocation_of_texttopdf.patch | (download)

filter/textcommon.c | 42 42 + 0 - 0 !
filter/texttopdf.c | 15 0 + 15 - 0 !
2 files changed, 42 insertions(+), 15 deletions(-)

 security fix: texttopdf: fixed buffer overflow on size allocation of texttopdf when working with extremely small line sizes, which causes the size calculation to result in 0.