Debian Patches
Status for cups-filters/1.28.17-7
| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| 0001-Force-set-INITDIR-in-configure.ac-instead-of-relying.patch | Force-set INITDIR in configure.ac instead of relying on 'test -d /etc/init.d', which fails on s390x | Didier Raboud <odyx@debian.org> | no | 2020-06-13 | ||
| 0002-qpdf-needs-at-least-c-17.patch | qpdf needs at least c++17 | Thorsten Alteholz <debian@alteholz.de> | no | 2023-03-10 | ||
| 0003-fix-CVE-2023-24805.patch | fix CVE-2023-24805 | Thorsten Alteholz <debian@alteholz.de> | no | 2023-05-19 | ||
| 0004-CVE-2024-47076.patch | commit 95576ec3d20c109332d14672a807353cdc551018 cfGetPrinterAttributes5(): Validate response attributes before return The destination can be corrupted or forged, so validate the response to strenghten security measures. Fixes CVE-2024-47076 =================================================================== |
Zdenek Dohnal <zdohnal@redhat.com> | no | 2024-09-26 | ||
| 0005-CVE-2024-47176.patch | Default BrowseRemoteProtocols should not include "cups" protocol. configure.ac | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) =================================================================== |
no | ||||
| 0006-qpdf-12.patch | fix build against qpdf 12 | Sébastien Noel <sebastien@twolife.be> | no | |||
| CVE-2025-57812-1.patch | [PATCH] Fix heap-buffer overflow write in cfImageLut 1. fix for CVE-2025-57812 |
Till Kamppeter <till.kamppeter@gmail.com> | no | 2025-11-10 | ||
| CVE-2025-57812-2.patch | [PATCH] Reject color images with 1 bit per sample 2. fix for CVE-2025-57812 |
Till Kamppeter <till.kamppeter@gmail.com> | no | 2025-11-10 | ||
| CVE-2025-57812-3.patch | [PATCH] Reject images where the number of samples does not correspond with the color space 3. fix for CVE-2025-57812 |
Till Kamppeter <till.kamppeter@gmail.com> | no | 2025-11-10 | ||
| CVE-2025-57812-4.patch | [PATCH] Reject images with planar color configuration 4. fix for CVE-2025-57812 |
Till Kamppeter <till.kamppeter@gmail.com> | no | 2025-11-10 | ||
| CVE-2025-57812-5.patch | [PATCH] Reject images with vertical scanlines 5. fix for CVE-2025-57812 |
Till Kamppeter <till.kamppeter@gmail.com> | no | 2025-11-10 | ||
| CVE-2025-64503.patch | [PATCH] Fix out-of-bounds write in pdftoraster PDFs with too large page dimensions could cause an integer overflow and then a too small buffer for the pixel line to be allocated. Fixed this by cropping the page size to the maximum allowed by the standard, 14400x14400pt, 200x200in, 5x5m https://community.adobe.com/t5/indesign-discussions/maximum-width-of-a-pdf/td-p/9217372 Fixes CVE-2025-64503 |
Till Kamppeter <till.kamppeter@gmail.com> | no | 2025-11-10 | ||
| CVE-2025-64524.patch | [PATCH] rastertopclx.c: Fix infinite loop caused by crafted file Infinite loop happened because of crafted input raster file, which led into heap buffer overflow of `CompressBuf` array. Based on comments there should be always some `count` when compressing the data, and processing of crafted file ended with offset and count being 0. Fixes CVE-2025-64524 |
Zdenek Dohnal <zdohnal@redhat.com> | no | 2025-11-12 |
All known versions for source package 'cups-filters'
- 1.28.17-7 (sid)
- 1.28.17-6 (forky, trixie)
- 1.28.17-3+deb12u1 (bookworm, bookworm-security)