Debian Security Advisory DSA 1656-1 (cupsys)

The remote host is missing an update to cupsys announced via advisory DSA 1656-1.

Several local vulnerabilities have been discovered in the Common UNIX Printing System. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2008-3639 It was discovered that insufficient bounds checking in the SGI image filter may lead to the execution of arbitrary code. CVE-2008-3640 It was discovered that an integer overflow in the Postscript conversion tool texttops may lead to the execution of arbitrary code. CVE-2008-3641 It was discovered that insufficient bounds checking in the HPGL filter may lead to the execution of arbitrary code. For the stable distribution (etch), these problems have been fixed in version 1.2.7-4etch5. For the unstable distribution (sid) and the upcoming stable distribution (lenny), these problems have been fixed in version 1.3.8-1lenny2 of the source package cups. We recommend that you upgrade your cupsys package.

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201656-1