[SECURITY] [DSA 3411-1] cups-filters security update

From: Moritz Muehlenhoff <jmm@debian.org>
To: bugtraq@securityfocus.com
Cc:
Subject: [SECURITY] [DSA 3411-1] cups-filters security update
Date:


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3411-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
December 02, 2015                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : cups-filters
CVE ID         : CVE-2015-8327

Michal Kowalczyk discovered that missing input sanitising in the
foomatic-rip print filter might result in the execution of arbitrary
commands.

The oldstable distribution (wheezy) is not affected.

For the stable distribution (jessie), this problem has been fixed in
version 1.0.61-5+deb8u2.

For the unstable distribution (sid), this problem has been fixed in
version 1.2.0-1.

We recommend that you upgrade your cups-filters packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJWX3HGAAoJEBDCk7bDfE42+nIP/iHuySUFCofOIdwME6MR1z6+
M2Xaun2vyTwQUSeZNXxShMlobOId+k9noC731lk6yUFide4x0cohS0BoElen0i59
HJA1Kr1rt2O0bEP/YhrmTPvnIAu35dzYmdi5T4bEE8npfdRNql+Wd6uN3TSCtnrO
7z9tvnKqNahVRQMZR7C3lGX5Xo8+wZL3PWEjhxpY/mByB82X9q9gyxXywxgrbsqi
Ejbr7Ql17pFH3zzr3PotHj5foNeqLgI6GJSAVJ+ItfEAFET0oMIOnsOIDvBD171o
7V/hfBiSCWX0ERdJQuwmAptzAni78JLFGtepxUgBtiPZXQ4rWnBHvmGXRPZaKapP
8BfGoRTzR8cVHB09Jv8S4NiJbxRoaZ+ZsJl812fgpFOB+4/bo9j3eoZKqiEhk798
PMNRFyy7XhBwe6LJIULQg4M0tGb7TdqM8ju+1bDBlGjVjzfxKZAsP6BPsVxqc9lf
QTiyKcL4vyhu0M30Vn2qQSBinCo+9mzeOF/ciHNOZVCwpp/oFLfzDdyUnUqhoRq+
rVzmwydlcMz1HB555/e7+Rwx8XwY8SBOzYG72uE0SD1PIHspJNzysJ4O/VYcSES+
xnj5Q5b524OOlNVzSMggd4xZ+1yOaVl7BLiBERTCKYB52AT730kzo1RPTQs2t3KY
zei+MhbxfOud+XjDhKIY
=idqQ
-----END PGP SIGNATURE-----





Copyright © 1995-2018 LinuxRocket.net. All rights reserved.