Note:
If the NO-LIBTOOL-FIX flag is not set we export the LIBTOOL environment
variable, especially for cross-build helping to pickup the right libtool.
The Cups build environment doesn't officially support libtool based builds
and they clearly warn to use it to build cups, but their Makefiles are not
properly prepared for the case the LIBTOOL env var is exported.
CVE-2008-0053 (High) :
Multiple buffer overflows in the HP-GL/2-to-PostScript filter in CUPS before 1.3.6 might allow
remote attackers to execute arbitrary code via a crafted HP-GL/2 file.
CVE-2008-1373 (High) :
Buffer overflow in the gif_read_lzw in CUPS 1.3.6 allows remote attackers to have an unknown
impact via a GIF file with a large code_size value, a similar issue to CVE-2006-4484.
Aldas Nabazas
Christian Wiese
Alejandro Mery
Alejandro Mery
Christian Wiese