Debian 10261 Published by

The following security updates has been released for Debian:

[DLA 314-1] cups security update
[DSA 3367-1] wireshark security update



[DLA 314-1] cups security update

Package : cups
Version : 1.4.4-7+squeeze10
CVE ID : CVE-2015-3258 CVE-2015-3279

Petr Sklenar of Red Hat discovered that the texttopdf tool, part of cups
filters, was susceptible to multiple heap-based buffer and integer overflows
due to improper handling of print jobs. This could allow remote attackers to
crash texttopdf or possibly execute arbitrary code.

For Debian 6 "Squeeze", this issue has been fixed in cups version
1.4.4-7+squeeze10. For Wheezy and Jessie, this has been fixed in the
cups-filter package. We recommend you to upgrade your cups packages.

Learn more about the Debian Long Term Support (LTS) Project and how to
apply these updates at: https://wiki.debian.org/LTS/


[DSA 3367-1] wireshark security update

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3367-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
September 24, 2015 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : wireshark
CVE ID : CVE-2015-6241 CVE-2015-6242 CVE-2015-6243 CVE-2015-6244
CVE-2015-6245 CVE-2015-6246 CVE-2015-6247 CVE-2015-6248
CVE-2015-6249

Multiple vulnerabilities were discovered in the dissectors/parsers for
ZigBee, GSM RLC/MAC, WaveAgent, ptvcursor, OpenFlow, WCCP and in internal
functions which could result in denial of service.

For the stable distribution (jessie), these problems have been fixed in
version 1.12.1+g01b65bf-4+deb8u3.

For the testing distribution (stretch), these problems have been fixed
in version 1.12.7+g7fc8978-1.

For the unstable distribution (sid), these problems have been fixed in
version 1.12.7+g7fc8978-1.

We recommend that you upgrade your wireshark packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/