(hopefully) fix cupsys -> cups renaming

git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@9083 e39458fd-73e7-0310-bf30-c45bca0a0e42
author: Nico Golde <nion@debian.org> 2008-06-16 15:57:15 +0000
committer: Nico Golde <nion@debian.org> 2008-06-16 15:57:15 +0000
commit: 71b86aff4ae00abd7fe4332419b2a811cf946b11 (patch)
tree: b8b79bb978e30921903a74e01aaa36cd02bcceb4
parent: 61d58efa7a046bb0026441f0e472113fd1d082fd (diff)
7 files changed, 52 insertions, 50 deletions
diff --git a/data/CVE/2001.list b/data/CVE/2001.list
index 08e5d9d089..2df5dc8cc3 100644
--- a/data/CVE/2001.list
+++ b/data/CVE/2001.list
@@ -171,7 +171,7 @@ CVE-2001-1509 (geteuid in Itanium Architecture (IA) running on HP-UX 11.20 does
 CVE-2001-1508 (Buffer overflow in lpstat in SCO OpenServer 5.0 through 5.0.6a allows ...)
 	- lprng <not-affected> (Not suid in Debian)
 	- cups <not-affected> (Not suid in Debian)
-	- cupsys <removed>
+	- cupsys <not-affected> (Not suid in Debian)
 CVE-2001-1507 (OpenSSH before 3.0.1 with Kerberos V enabled does not properly ...)
 	- openssh 1:3.0.1
 CVE-2001-1506 (Unknown vulnerability in the file system protection subsystem in HP ...)
diff --git a/data/CVE/2002.list b/data/CVE/2002.list
index 9481466597..bb261530ab 100644
--- a/data/CVE/2002.list
+++ b/data/CVE/2002.list
@@ -2008,8 +2008,8 @@ CVE-2002-1386 (Buffer overflow in traceroute-nanog (aka traceroute-ng) may allow
 	- traceroute-nanog 6.3.0-1
 CVE-2002-1383 (Multiple integer overflows in Common Unix Printing System (CUPS) ...)
 	{DSA-232}
-	- cupsys <removed>
 	- cups 1.1.18-1
+	- cupsys 1.1.18-1
 CVE-2002-1379 (OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows remote or local ...)
 	{DSA-227}
 	- openldap2 2.0.27-3
@@ -2023,8 +2023,8 @@ CVE-2002-1370
 	REJECTED
 CVE-2002-1368 (Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote ...)
 	{DSA-232}
-	- cupsys <removed>
 	- cups 1.1.18-1
+	- cupsys 1.1.18-1
 CVE-2002-1360 (Multiple SSH2 servers and clients do not properly handle strings with ...)
 	- openssh <not-affected> (OpenSSH not vulnerable)
 CVE-2002-1359 (Multiple SSH2 servers and clients do not properly handle large packets ...)
@@ -3081,7 +3081,7 @@ CVE-2002-1384 (Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xp
 	- xpdf-i 2.01-2
 	- xpdf 2.01-2
 	- cups 1.1.18-1
-	- cupsys <removed>
+	- cupsys 1.1.18-1
 CVE-2002-1382 (Macromedia Flash Player before 6.0.65.0 allows remote attackers to ...)
 	- flashplugin-nonfree 6.0.69-1
 CVE-2002-1381 (Format string vulnerability in daemon.c for Exim 4.x through 4.10, and ...)
@@ -3110,24 +3110,24 @@ CVE-2002-1373 (Signed integer vulnerability in the COM_TABLE_DUMP package for My
 	- mysql <removed>
 CVE-2002-1372 (Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not ...)
 	{DSA-232}
-	- cupsys <removed>
 	- cups 1.1.18-1
+	- cupsys 1.1.18-1
 CVE-2002-1371 (filters/image-gif.c in Common Unix Printing System (CUPS) 1.1.14 ...)
 	{DSA-232}
-	- cupsys <removed>
 	- cups 1.1.18-1
+	- cupsys 1.1.18-1
 CVE-2002-1369 (jobs.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 ...)
 	{DSA-232}
-	- cupsys <removed>
 	- cups 1.1.18-1
+	- cupsys 1.1.18-1
 CVE-2002-1367 (Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote ...)
 	{DSA-232}
-	- cupsys <removed>
 	- cups 1.1.18-1
+	- cupsys 1.1.18-1
 CVE-2002-1366 (Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows local ...)
 	{DSA-232}
-	- cupsys <removed>
 	- cups 1.1.18-1
+	- cupsys 1.1.18-1
 CVE-2002-1365 (Heap-based buffer overflow in Fetchmail 6.1.3 and earlier does not ...)
 	{DSA-216}
 	- fetchmail 6.2.0-1
diff --git a/data/CVE/2003.list b/data/CVE/2003.list
index 6eebaf3268..a34284c38c 100644
--- a/data/CVE/2003.list
+++ b/data/CVE/2003.list
@@ -1586,8 +1586,8 @@ CVE-2003-0790
 CVE-2003-0789 (mod_cgid in Apache before 2.0.48, when using a threaded MPM, does not ...)
 	- apache2 2.0.48
 CVE-2003-0788 (Unknown vulnerability in the Internet Printing Protocol (IPP) ...)
-	- cupsys <removed>
 	- cups 1.1.19
+	- cupsys 1.1.19
 CVE-2003-0787 (The PAM conversation function in OpenSSH 3.7.1 and 3.7.1p1 interprets ...)
 	- openssh 1:3.7.1p2
 CVE-2003-0786 (The SSH1 PAM challenge response authentication in OpenSSH 3.7.1 and ...)
@@ -2955,8 +2955,8 @@ CVE-2003-0196 (Multiple buffer overflows in Samba before 2.2.8a may allow remote
 	- samba 3.0
 CVE-2003-0195 (CUPS before 1.1.19 allows remote attackers to cause a denial of ...)
 	{DSA-317}
-	- cupsys <removed>
 	- cups 1.1.19final-1
+	- cupsys 1.1.19final-1
 CVE-2003-0194 (tcpdump does not properly drop privileges to the pcap user when ...)
 	- tcpdump <not-affected> (Apparently a Red Hat specific compilation packaging flaw)
 CVE-2003-0193 (msxlsview.sh in xlsview for catdoc 0.91 and earlier allows local users ...)
diff --git a/data/CVE/2004.list b/data/CVE/2004.list
index 612f44b90f..261b725a80 100644
--- a/data/CVE/2004.list
+++ b/data/CVE/2004.list
@@ -1260,7 +1260,7 @@ CVE-2004-2155 (Online-bookmarks before 0.4.6 allows remote attackers to bypass i
 	NOT-FOR-US: Online-bookmarks
 CVE-2004-2154 (CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as ...)
 	- cups 1.1.20final+rc1-1 (low)
-	- cupsys <removed> (low)
+	- cupsys 1.1.20final+rc1-1 (low)
 CVE-2004-2153 (Multiple unknown vulnerabilities in Real Estate Management Software ...)
 	NOT-FOR-US: Real Estate Management Software
 CVE-2004-2152 (Cross-site scripting (XSS) vulnerability in 'raw' page output mode for ...)
@@ -3096,16 +3096,16 @@ CVE-2004-1271 (Buffer overflow in the dxfin function in d.c for dxfscope 0.2 all
 	NOT-FOR-US: dxfscope
 CVE-2004-1270 (lppasswd in CUPS 1.1.22, when run in environments that do not ensure ...)
 	- cups 1.1.22-2
-	- cupsys <removed>
+	- cupsys 1.1.22-2
 CVE-2004-1269 (lppasswd in CUPS 1.1.22 does not remove the passwd.new file if it ...)
 	- cups 1.1.22-2
-	- cupsys <removed>
+	- cupsys 1.1.22-2
 CVE-2004-1268 (lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS ...)
 	- cups 1.1.22-2
-	- cupsys <removed>
+	- cupsys 1.1.22-2
 CVE-2004-1267 (Buffer overflow in the ParseCommand function in hpgl-input.c in the ...)
 	- cups 1.1.22-2
-	- cupsys <removed>
+	- cupsys 1.1.22-2
 CVE-2004-1266 (Buffer overflow in the get_field_headers function in csv2xml.cpp for ...)
 	NOT-FOR-US: csv2xml
 CVE-2004-1265 (Buffer overflow in the readObjectChunk function in 3dsimp.cpp for the ...)
@@ -3435,7 +3435,7 @@ CVE-2004-1126
 CVE-2004-1125 (Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, ...)
 	{DSA-621-1 DSA-619-1}
 	- xpdf 3.00-11
-	- cupsys <removed>
+	- cupsys 1.1.22-2
 	- cups 1.1.22-2
 	- tetex-bin 2.0.2-25
 	- gpdf 2.8.2-1
@@ -3958,7 +3958,7 @@ CVE-2004-0924 (NetInfo Manager on Mac OS X 10.3.x through 10.3.5, after an initi
 	NOT-FOR-US: MacOS
 CVE-2004-0923 (CUPS 1.1.20 and earlier records authentication information for a ...)
 	{DSA-566-1}
-	- cupsys <removed>
+	- cupsys 1.1.20final+rc1-9
 	- cups 1.1.20final+rc1-9
 CVE-2004-0922 (AFP Server on Mac OS X 10.3.x to 10.3.5, under certain conditions, ...)
 	NOT-FOR-US: MacOS
@@ -4063,7 +4063,7 @@ CVE-2004-0888 (Multiple integer overflows in xpdf 2.0 and 3.0, and other package
 	- xpdf 3.00-9
 	- gpdf 2.8.0-1
 	- kdegraphics 4:3.3.1-1 (bug #280373)
-	- cupsys <removed> (bug #324460)
+	- cupsys 1.1.22-6 (bug #324460)
 	- cups 1.1.22-6 (bug #324460)
 	NOTE: cupsys switched to an xpdf-utils wrapper in version 1.1.22-6.
 	NOTE: In version 1.1.20final+rc1-10, the dormant code in the source
@@ -4888,8 +4888,8 @@ CVE-2004-0559 (The maketemp.pl script in Usermin 1.070 and 1.080 allows local us
 	- usermin 1.090-1
 CVE-2004-0558 (The Internet Printing Protocol (IPP) implementation in CUPS before ...)
 	{DSA-545-1}
-	- cupsys <removed>
 	- cups 1.1.20final+rc1-6
+	- cupsys 1.1.20final+rc1-6
 CVE-2004-0557 (Multiple buffer overflows in the st_wavstartread function in wav.c for ...)
 	{DSA-565-1}
 	- sox 12.17.4-9 (bug #262083)
diff --git a/data/CVE/2005.list b/data/CVE/2005.list
index f0269d601f..decd2aaec3 100644
--- a/data/CVE/2005.list
+++ b/data/CVE/2005.list
@@ -4,7 +4,7 @@ CVE-2005-4874 (The XMLHttpRequest object in Mozilla 1.7.8 supports the HTTP TRAC
 	- iceweasel <not-affected> (old version and CVE)
 CVE-2005-4873 (Multiple stack-based buffer overflows in the phpcups PHP module for ...)
 	- cups 1.1.23-10sarge1
-	- cupsys <removed>
+	- cupsys 1.1.23-10sarge1
 CVE-2005-4872 (Perl-Compatible Regular Expression (PCRE) library before 6.2 does not ...)
 	- pcre3 6.2-1
 	[sarge] - pcre3 4.5+7.4-1
@@ -2752,7 +2752,7 @@ CVE-2005-3628 (Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in ...)
 	- libextractor 0.5.9-1
 	- pdfkit.framework 0.8-4
 	- pdftohtml 0.36-12
-	- cupsys <removed>
+	- cupsys 1.1.22-7
 	- cups 1.1.22-7
 	NOTE: cupsys switched to an external PDF implementation in 1.1.22-7.
 	- tetex-bin 3.0-12
@@ -2767,7 +2767,7 @@ CVE-2005-3627 (Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftoh
 	- libextractor 0.5.9-1
 	- pdfkit.framework 0.8-4
 	- pdftohtml 0.36-12
-	- cupsys <removed>
+	- cupsys 1.1.22-7
 	- cups 1.1.22-7
 	NOTE: cupsys switched to an external PDF implementation in 1.1.22-7.
 	- tetex-bin 3.0-12
@@ -2782,7 +2782,7 @@ CVE-2005-3626 (Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler,
 	- libextractor 0.5.9-1
 	- pdfkit.framework 0.8-4
 	- pdftohtml 0.36-12
-	- cupsys <removed>
+	- cupsys 1.1.22-7
 	- cups 1.1.22-7
 	NOTE: cupsys switched to an external PDF implementation in 1.1.22-7.
 	- tetex-bin 3.0-12
@@ -2799,7 +2799,7 @@ CVE-2005-3625 (Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler,
 	- pdfkit.framework 0.8-4
 	- pdftohtml 0.36-12
 	- cups 1.1.22-7
-	- cupsys <removed>
+	- cupsys 1.1.22-7
 	NOTE: cupsys switched to an external PDF implementation in 1.1.22-7.
 	NOTE: tetex-bin switched to poppler in 3.0-12.
 CVE-2005-3624 (The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, ...)
@@ -2814,7 +2814,7 @@ CVE-2005-3624 (The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf
 	- pdfkit.framework 0.8-4
 	- pdftohtml 0.36-12
 	- cups 1.1.22-7
-	- cupsys <removed>
+	- cupsys 1.1.22-7
 	NOTE: cupsys switched to an external PDF implementation in 1.1.22-7.
 	NOTE: tetex-bin switched to poppler in 3.0-12.
 CVE-2005-3623 (nfs2acl.c in the Linux kernel 2.6.14.4 does not check for MAY_SATTR ...)
@@ -3881,7 +3881,7 @@ CVE-2005-3193 (Heap-based buffer overflow in the JPXStream::readCodestream funct
 	- tetex-bin 3.0-11 (bug #342292; medium)
 	- koffice <not-affected> (Vulnerable xpdf code not contained)
 	- libextractor 0.5.8-1 (medium)
-	- cupsys <removed> (unimportant)
+	- cupsys 1.1.23-13 (unimportant)
 	- cups 1.1.23-13 (unimportant)
 	- pdfkit.framework 0.8-4
 CVE-2005-3192 (Heap-based buffer overflow in the StreamPredictor function in Xpdf ...)
@@ -3896,7 +3896,7 @@ CVE-2005-3192 (Heap-based buffer overflow in the StreamPredictor function in Xpd
 	- tetex-bin 3.0-11 (bug #342292; medium)
 	- koffice 1:1.4.2-5 (bug #342294; medium)
 	- libextractor 0.5.8-1 (medium)
-	- cupsys <removed> (unimportant)
+	- cupsys 1.1.23-13 (unimportant)
 	- cups 1.1.23-13 (unimportant)
 	- pdfkit.framework 0.8-4
 CVE-2005-3191 (Multiple heap-based buffer overflows in the (1) ...)
@@ -3912,7 +3912,7 @@ CVE-2005-3191 (Multiple heap-based buffer overflows in the (1) ...)
 	- koffice 1:1.4.2-5 (bug #342294; medium)
 	- libextractor 0.5.8-1 (medium)
 	- cups 1.1.23-13 (unimportant)
-	- cupsys <removed> (unimportant)
+	- cupsys 1.1.23-13 (unimportant)
 CVE-2005-3190 (Buffer overflow in Computer Associates (CA) iGateway 3.0 and 4.0 ...)
 	NOT-FOR-US: iGateway
 CVE-2005-3189 (Directory traversal vulnerability in Qualcomm WorldMail IMAP Server ...)
@@ -4748,7 +4748,7 @@ CVE-2005-2875 (Py2Play allows remote attackers to execute arbitrary Python code
 	- py2play 0.1.8-1 (bug #326976; medium)
 CVE-2005-2874 (The is_path_absolute function in scheduler/client.c for the daemon in ...)
 	- cups 1.1.23-1 (unknown)
-	- cupsys <removed> (unknown)
+	- cupsys 1.1.23-1 (unknown)
 CVE-2005-2871 (Buffer overflow in the International Domain Name (IDN) support in ...)
 	{DSA-868-1 DSA-866-1 DSA-837-1}
 	- mozilla-firefox 1.0.6-5 (bug #327452; bug #327802; bug #327366; medium)
@@ -6639,7 +6639,7 @@ CVE-2005-2097 (xpdf and kpdf do not properly validate the &quot;loca&quot; table
 	[sarge] - tetex-bin <not-affected> (tetex2 uses an older version, which is not affected)
 	- gpdf 2.10.0-4 (bug #334454; low)
 	NOTE: Cups switched to xpdf-utils
-	- cupsys <removed> (bug #324464)
+	- cupsys 1.1.22-7 (bug #324464)
 	- cups 1.1.22-7 (bug #324464)
 	[woody] - cupsys <not-affected> (Vulnerable code not present)
 	- poppler 0.4.0-1 (low)
@@ -10967,7 +10967,7 @@ CVE-2005-0206 (The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.
 	- tetex-bin <not-affected> (Initial Debian fix was already correct)
 	- pdftohtml <not-affected> (Initial Debian fix was already correct)
 	- cups 1.1.22-7
-	- cupsys <removed>
+	- cupsys 1.1.22-7
 	NOTE: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=135393
 	NOTE: cupsys uses an external xpdf now.
 CVE-2005-0205 (KPPP 2.1.2 in KDE 3.1.5 and earlier, when setuid root without certain ...)
@@ -11326,7 +11326,7 @@ CVE-2005-0064 (Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.
 	- pdftohtml 0.36-11
 	- kdegraphics 4:3.3.2-2
 	- tetex-bin 2.0.2-26
-	- cupsys <removed> (bug #324459)
+	- cupsys 1.1.22-6 (bug #324459)
 	- cups 1.1.22-6 (bug #324459)
 	NOTE: cupsys switched to an xpdf-utils wrapper in version 1.1.22-6.
 	NOTE: In version 1.1.23-13, the dormant code in the source
diff --git a/data/CVE/2007.list b/data/CVE/2007.list
index b0acac21b3..5fab167f3b 100644
--- a/data/CVE/2007.list
+++ b/data/CVE/2007.list
@@ -778,7 +778,7 @@ CVE-2007-6388 (Cross-site scripting (XSS) vulnerability in mod_status in the Apa
 CVE-2007-6358 (pdftops.pl before 1.20 in alternate pdftops filter allows local users ...)
 	{DSA-1437-1}
 	- cups 1.3.5-1 (low; bug #456960)
-	- cupsys <removed> (low; bug #456960)
+	- cupsys 1.3.5-1 (low; bug #456960)
 	[sarge] - cupsys <no-dsa> (Minor issue)
 	NOTE: the debian package is a bit confusing here as it also ships a pdftops
 	NOTE: wrapper script as an example but the original script is installed
@@ -2063,11 +2063,11 @@ CVE-2007-5850 (Heap-based buffer overflow in Desktop Services in Apple Mac OS X
 	NOT-FOR-US: Desktop Services (Apple Mac OS X)
 CVE-2007-5849 (Integer underflow in the asn1_get_string function in the SNMP back end ...)
 	{DSA-1437-1}
-	- cupsys <removed> (medium; bug #457453)
+	- cupsys 1.3.5-1 (medium; bug #457453)
 	- cups 1.3.5-1 (medium; bug #457453)
 	[sarge] - cupsys <not-affected> (Vulnerable code not present)
 CVE-2007-5848 (Buffer overflow in CUPS in Apple Mac OS X 10.4.11 allows local admin ...)
-	- cupsys <removed>
+	- cupsys 1.2.0
 	- cups 1.2.0
 	NOTE: This only affects the Cups 1.1 series
 	[sarge] - cupsys <no-dsa> (Minor issue, may only lead to an infinite loop)
@@ -3091,7 +3091,6 @@ CVE-2007-5393 (Heap-based buffer overflow in the CCITTFaxStream::lookChar method
 	- xpdf 3.02-1.3 (medium; bug #450629)
 	- koffice 1:1.6.3-4 (medium; bug #450631)
 	- libextractor 0.5.9-1
-	- cupsys <removed>
 	- cups 1.1.22-7
 	- gpdf <removed>
 	- pdftohtml <removed>
@@ -3099,6 +3098,7 @@ CVE-2007-5393 (Heap-based buffer overflow in the CCITTFaxStream::lookChar method
 	- tetex-bin 3.0-12
 	NOTE: pdftex links to poppler since 3.0-12, thus marking as fixed
 	- cups <not-affected> (we use xpdf-utils in sarge and poppler-utils since etch to not embedd this code)
+	- cupsys <not-affected> (we use xpdf-utils in sarge and poppler-utils since etch to not embedd this code)
 	NOTE: cups uses xpdf-utils and poppler-utils
 	- libextractor 0.5.12-1
 	NOTE: libextractor uses internal pdf decoder since 0.5.12-1, thus marking as fixed
@@ -3118,6 +3118,7 @@ CVE-2007-5392 (Integer overflow in the DCTStream::reset method in xpdf/Stream.cc
 	- tetex-bin 3.0-12
 	NOTE: pdftex links to poppler since 3.0-12, thus marking as fixed
 	- cups <not-affected> (we use xpdf-utils in sarge and poppler-utils since etch to not embedd this code)
+	- cupsys <not-affected> (we use xpdf-utils in sarge and poppler-utils since etch to not embedd this code)
 	NOTE: cups uses xpdf-utils and poppler-utils
 	- libextractor 0.5.12-1
 	NOTE: libextractor uses internal pdf decoder since 0.5.12-1, thus marking as fixed
@@ -5608,7 +5609,7 @@ CVE-2007-4352 (Array index error in the DCTStream::readProgressiveDataUnit metho
 	- xpdf 3.02-1.3 (medium; bug #450629)
 	- koffice 1:1.6.3-4 (medium; bug #450631)
 	- libextractor 0.5.9-1
-	- cupsys <removed>
+	- cupsys 1.1.22-7
 	- cups 1.1.22-7
 	- gpdf <removed>
 	- pdftohtml <removed>
@@ -5616,12 +5617,13 @@ CVE-2007-4352 (Array index error in the DCTStream::readProgressiveDataUnit metho
 	- tetex-bin 3.0-12
 	NOTE: pdftex links to poppler since 3.0-12, thus marking as fixed
 	- cups <not-affected> (we use xpdf-utils in sarge and poppler-utils since etch to not embedd this code)
+	- cupsys <not-affected> (we use xpdf-utils in sarge and poppler-utils since etch to not embedd this code)
 	NOTE: cups uses xpdf-utils and poppler-utils
 	- libextractor 0.5.12-1
 	NOTE: libextractor uses internal pdf decoder since 0.5.12-1, thus marking as fixed
 CVE-2007-4351 (Off-by-one error in the ippReadIO function in cups/ipp.c in CUPS 1.3.3 ...)
 	{DSA-1407-1 DTSA-81-1}
-	- cupsys <removed> (medium; bug #448866)
+	- cupsys 1.3.4-1 (medium; bug #448866)
 	- cups 1.3.4-1 (medium; bug #448866)
 	[sarge] - cupsys <not-affected> (Only vulnerable to code injection since 1.2.x, effects are harmless otherwise)
 CVE-2007-4350
@@ -6299,7 +6301,7 @@ CVE-2007-4047 (geoBlog (aka BitDamaged) 1 does not require authentication for (1
 CVE-2007-4046 (SQL injection vulnerability in index.php in the Pony Gallery ...)
 	NOT-FOR-US: Pony Gallery
 CVE-2007-4045 (The CUPS service, as used in SUSE Linux before 20070720 and other ...)
-	- cupsys <removed>
+	- cupsys 1.2
 	- cups 1.2 
 	NOTE: Since 1.2 allocation has changed and this issue is no longer exploitable
 CVE-2007-4044
@@ -7832,7 +7834,7 @@ CVE-2007-3387 (Integer overflow in the StreamPredictor::StreamPredictor function
 	[etch] - pdftohtml 0.36-13etch1
 	- tetex-bin 3.0-12
 	NOTE: pdftex links to poppler since 3.0-12, thus marking as fixed
-	- cupsys <removed> (unimportant; bug #436099)
+	- cupsys <not-affected> (unimportant; bug #436099)
 	- cups <not-affected> (unimportant; bug #436099)
 	NOTE: cups uses xpdf-utils
 	- pdfkit.framework 0.8-4
@@ -14120,7 +14122,7 @@ CVE-2007-0721 (Unspecified vulnerability in diskimages-helper in Apple Mac OS X
 	NOT-FOR-US: Apple Mac
 CVE-2007-0720 (The CUPS service on multiple platforms allows remote attackers to ...)
 	- cups 1.2.7-1 (bug #434734; low)
-	- cupsys <removed> (bug #434734; low)
+	- cupsys 1.2.7-1 (bug #434734; low)
 	[sarge] - cupsys <no-dsa> (Minor, conceptual design problem)
 	[etch] - cupsys <no-dsa> (Minor, conceptual design problem)
 CVE-2007-0719 (Stack-based buffer overflow in Apple Mac OS X 10.3.9 and 10.4 through ...)
diff --git a/data/CVE/2008.list b/data/CVE/2008.list
index fe2d45ced0..853a7c1993 100644
--- a/data/CVE/2008.list
+++ b/data/CVE/2008.list
@@ -2101,7 +2101,7 @@ CVE-2008-1723
 	RESERVED
 CVE-2008-1722 (Multiple integer overflows in (1) filter/image-png.c and (2) ...)
 	- cups 1.3.7-2 (medium; bug #476305)
-	- cupsys <removed> (medium; bug #476305)
+	- cupsys 1.3.7-2 (medium; bug #476305)
 CVE-2008-1721 (Integer signedness error in the zlib extension module in Python 2.5.2 ...)
 	{DSA-1551-1}
 	- python2.4 2.4.5-2
@@ -2917,11 +2917,11 @@ CVE-2008-1375 (Race condition in the directory notification subsystem (dnotify)
 	{DSA-1565-1}
 	- linux-2.6 2.6.25-2 (low)
 CVE-2008-1374 (Integer overflow in pdftops filter in CUPS in Red Hat Enterprise Linux ...)
-	- cupsys <removed>
+	- cupsys <not-affected> (Redhat-specific incomplete patch, upstream patch is complete)
 	- cups <not-affected> (Redhat-specific incomplete patch, upstream patch is complete)
 CVE-2008-1373 (Buffer overflow in the gif_read_lzw in CUPS 1.3.6 allows remote ...)
 	{DTSA-122-1}
-	- cupsys <removed> (medium)
+	- cupsys 1.3.7-1 (medium)
 	- cups 1.3.7-1 (medium)
 CVE-2008-1372 (bzlib.c in bzip2 before 1.0.5 allows user-assisted remote attackers to ...)
 	- bzip2 1.0.5-0.1 (low; bug #471670)
@@ -4058,7 +4058,7 @@ CVE-2008-0884 (The Replace function in the capp-lspp-config script in the (1) ..
 	NOTE: Seems Redhat specific
 CVE-2008-0882 (Double free vulnerability in the process_browse_data function in CUPS ...)
 	{DSA-1530-1 DTSA-117-1}
-	- cupsys <removed> (medium; bug #467653)
+	- cupsys 1.3.6-1 (medium; bug #467653)
 	- cups 1.3.6-1 (medium; bug #467653)
 	[sarge] - cupsys <no-dsa> (Remote DoS is minor issue)
 CVE-2008-0881 (SQL injection vulnerability in modules.php in the Okul 1.0 module for ...)
@@ -4673,10 +4673,10 @@ CVE-2008-0598
 	RESERVED
 CVE-2008-0597 (Use-after-free vulnerability in CUPS before 1.1.22, and possibly other ...)
 	- cups 1.2
-	- cupsys <removed>
+	- cupsys 1.2
 	NOTE: (mimeDeleteType included since 1.2.x
 CVE-2008-0596 (Memory leak in CUPS before 1.1.22, and possibly other versions, allows ...)
-	- cupsys <removed>
+	- cupsys 1.3.6
 	- cups 1.3.6
 	NOTE: version in unstable has better array handling and is not vulnerable, exact version unknown
 	TODO: validate exact fixed version
@@ -5955,7 +5955,7 @@ CVE-2008-0055 (Foundation in Apple Mac OS X 10.4.11 creates world-writable ...)
 CVE-2008-0054 (Foundation in Apple Mac OS X 10.4.11 might allow context-dependent ...)
 	NOT-FOR-US: Apple Mac OS X
 CVE-2008-0053 (Multiple buffer overflows in the HP-GL/2-to-PostScript filter in CUPS ...)
-	- cupsys <removed>
+	- cupsys 1.3.6-1
 	- cups 1.3.6-1
 	NOTE: https://bugzilla.redhat.com/attachment.cgi?id=298651
 CVE-2008-0052 (CoreServices in Apple Mac OS X 10.4.11 treats .ief as a safe file ...)
@@ -5970,7 +5970,7 @@ CVE-2008-0048 (Stack-based buffer overflow in AppKit in Apple Mac OS X 10.4.11 a
 	NOT-FOR-US: Apple Mac OS X
 CVE-2008-0047 (Heap-based buffer overflow in the cgiCompileSearch function in CUPS ...)
 	{DSA-1530-1}
-	- cupsys <removed> (medium; bug #472105)
+	- cupsys 1.3.6-3 (medium; bug #472105)
 	- cups 1.3.6-3 (medium; bug #472105)
 	[sarge] - cupsys <not-affected> (Vulnerable code not present)
 CVE-2008-0046 (The Application Firewall in Apple Mac OS X 10.5.2 has an incorrect ...)
author	Nico Golde <nion@debian.org>	2008-06-16 15:57:15 +0000
committer	Nico Golde <nion@debian.org>	2008-06-16 15:57:15 +0000
commit	71b86aff4ae00abd7fe4332419b2a811cf946b11 (patch)
tree	b8b79bb978e30921903a74e01aaa36cd02bcceb4
parent	61d58efa7a046bb0026441f0e472113fd1d082fd (diff)