drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in foomatic
| Name: |
Ausführen beliebiger Kommandos in foomatic
|
|
| ID: |
FEDORA-2004-303 |
|
| Distribution: |
Fedora |
|
| Plattformen: |
Fedora Core 2 |
|
| Datum: |
Mi, 22. September 2004, 13:00 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0801 |
|
| Applikationen: |
Foomatic |
|
Originalnachricht |
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-303
2004-09-21
---------------------------------------------------------------------
Product : Fedora Core 2
Name : foomatic
Version : 3.0.1
Release : 3.1
Summary : Foomatic printer database.
Description :
Foomatic is a comprehensive, spooler-independent database of printers,
printer drivers, and driver descriptions. It contains utilities to
generate driver description files and printer queues for CUPS, LPD,
LPRng, and PDQ using the database. There is also the possibility to
read the PJL options out of PJL-capable laser printers and take them
into account at the driver description file generation.
There are spooler-independent command line interfaces to manipulate
queues (foomatic-configure) and to print files/manipulate jobs
(foomatic printjob).
The site http://www.linuxprinting.org/ is based on this database.
---------------------------------------------------------------------
Update Information:
Sebastian Krahmer reported a bug in the cupsomatic and foomatic-rip print
filters, used by the CUPS print spooler. An attacker who has printing
access could send a carefully named file to the print server causing
arbitrary commands to be executed as root. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2004-0801 to
this issue.
---------------------------------------------------------------------
* Fri Sep 10 2004 Tim Waugh <twaugh@redhat.com> 3.0.1-3.1
- Fix security issue (CAN-2004-0801, bug #130951). Patch from Till
Kamppeter.
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
cab9692a6b2b0161f73b1b9039c6f491 SRPMS/foomatic-3.0.1-3.1.src.rpm
46227411cf108d7436169f198514aca0 x86_64/foomatic-3.0.1-3.1.x86_64.rpm
ea451e8bd0b25fbcd5d22faad369a4fb
x86_64/debug/foomatic-debuginfo-3.0.1-3.1.x86_64.rpm
571e627239ed4bb5c53d7298f54a56de i386/foomatic-3.0.1-3.1.i386.rpm
7eac2a20ce6fd91a7be07c9b797d3fc6
i386/debug/foomatic-debuginfo-3.0.1-3.1.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
--
fedora-announce-list mailing list
fedora-announce-list@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-announce-list
|
|
|
|
