Package: cups Version: 1.3.8-1 Severity: important Tags: security Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for cups.
CVE-2009-3553[0]: | Use-after-free vulnerability in the abstract file-descriptor handling | interface in the cupsdDoSelect function in scheduler/select.c in the | scheduler in cupsd in CUPS 1.3.7 and 1.3.10 allows remote attackers to | cause a denial of service (daemon crash or hang) via a client | disconnection during listing of a large number of print jobs, related | to improperly maintaining a reference count. NOTE: some of these | details are obtained from third party information. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. Note that lenny is affected, so please prepare a proposed-updates for the next lenny release. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3553 http://security-tracker.debian.org/tracker/CVE-2009-3553 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
