drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Zwei Probleme in Common UNIX Printing System
Name: |
Zwei Probleme in Common UNIX Printing System |
|
ID: |
DSA-3283-1 |
|
Distribution: |
Debian |
|
Plattformen: |
Debian sid, Debian wheezy, Debian jessie |
|
Datum: |
Mi, 10. Juni 2015, 07:09 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1158
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1159 |
|
Applikationen: |
Common UNIX Printing System |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
- ------------------------------------------------------------------------- Debian Security Advisory DSA-3283-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso June 09, 2015 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : cups CVE ID : CVE-2015-1158 CVE-2015-1159
It was discovered that CUPS, the Common UNIX Printing System, is vulnerable to a remotely triggerable privilege escalation via cross-site scripting and bad print job submission used to replace cupsd.conf on the CUPS server.
For the oldstable distribution (wheezy), these problems have been fixed in version 1.5.3-5+deb7u6.
For the stable distribution (jessie), these problems have been fixed in version 1.7.5-11+deb8u1.
For the unstable distribution (sid), these problems have been fixed in version 1.7.5-12.
We recommend that you upgrade your cups packages.
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIcBAEBCgAGBQJVd0tJAAoJEAVMuPMTQ89EY3AQAJgNcIGHoYtwo8gKZUY3FR17 rQ0YIDOcITHGNBz8CUvg1k5FdpRx5xj9hrOj1jWmbtq0jNnreUf9j2VzNYRZ1vHU VFNWeGZFeWjKMUuk9W+vVignldkslvSGWu4bM9rHVWBTHApydp4VOZR7Va75bLru PiOq9rARGSWwEUrTscpujEYe5uvpeq8secQrnevhC0L219GzNKpiPmOFRk2wBlzx dhYTPQ516EHBg75R8t/S/hmOmVRNSZzhOro/9Dv2ldmy2hHAzBSyu5o0Wa4Bc8Rr N9gn7aXM+7B+jY9qvhXhstQBBQAAGbIJnGvSKTdzPnzzZo/iFVUZkIO6VH9+bdvj u5/XG0k2ZarcVIIR/6CR0GQFrt7xnx0EQ1OhjztzwH8hOeKp3PSXOv/tODU5Yer+ 5UkRkPJZpWppJ9z10/QQc/k6PbGdpodpdOvchbQJRcg8OcYun+rg+G+9+yk7Srkc 3VkQ1WYlLT5hn6o0XQtvqnfUjGpy8RvnAbzCA9gscO8w0IIykQc2UYtcPYpwcfQg vyd0n68+8fw6q2EOB8HNPBwvT8v+K+XT4/0vTdmZYFeFV36Ca//7ehQ0CRj/kIFJ pG/ucF2/5aie2hQpXQx13OqMc0ZTwetbKVrjIorH21dTZFGnezal9aAGzliVl8lP /fC+tztvQSK8xLlNonrz =PByh -----END PGP SIGNATURE-----
-- To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org Archive: https://lists.debian.org/E1Z2Q4m-00027i-Mk@master.debian.org
|
|
|
|