[cups.bugs] Re: [LOW] STR #1608: CAN-2005-0064 missed check?

Michael Sweet mike at easysw.com
Wed Apr 26 11:22:32 PDT 2006


[STR Closed w/Resolution]

The patch isn't even correct; since keyLength is a signed integer, we
should check for <= 0, and the minimum key length that is supported by the
PDF spec is 40 bits or 5 bytes, so we really need to check for < 5 or > 16
bytes.

I've applied that change in r5465 and updated the priority of this STR to
reflect the actual severity.

Link: http://www.cups.org/str.php?L1608
Version: 1.2rc3
Fix Version: 1.2-current (r5465)





More information about the cups-devel mailing list