drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in cups-filters
Name: |
Ausführen beliebiger Kommandos in cups-filters |
|
ID: |
FEDORA-2015-3003 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 20 |
|
Datum: |
Sa, 14. März 2015, 00:16 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2707
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2265 |
|
Applikationen: |
cups-filters |
|
Originalnachricht |
Name : cups-filters Product : Fedora 20 Version : 1.0.53 Release : 6.fc20 URL : cups-filters Summary : OpenPrinting CUPS filters and backends Description : Contains backends, filters, and other software that was once part of the core CUPS distribution but is no longer maintained by Apple Inc. In addition it contains additional filters developed independently of Apple, especially filters for the PDF-centric printing workflow introduced by OpenPrinting.
------------------------------------------------------------------------------- - Update Information:
This fixes a security flaw in cups-browsed. ------------------------------------------------------------------------------- - ChangeLog:
* Mon Mar 2 2015 Jiri Popelka <jpopelka@redhat.com> - 1.0.53-6 cups-browsed: Fixed a security bug in the remove_bad_chars() failing to reliably filter out illegal characters. (upstream #1265) * Fri Jun 13 2014 Tim Waugh <twaugh@redhat.com> - 1.0.53-5 - Really fix execmem issue (bug #1079534). * Wed Jun 11 2014 Tim Waugh <twaugh@redhat.com> - 1.0.53-4 - Fix build issue (bug #1106101). * Fri Jun 6 2014 Tim Waugh <twaugh@redhat.com> - 1.0.53-3 - Don't use grep's -P switch in pstopdf as it needs execmem (bug #1079534). * Fri May 9 2014 Jiri Popelka <jpopelka@redhat.com> - 1.0.53-2 - Return Tim's work-around patch for bug #768811. * Mon Apr 28 2014 Jiri Popelka <jpopelka@redhat.com> - 1.0.53-1 - 1.0.53 * Wed Apr 2 2014 Jiri Popelka <jpopelka@redhat.com> - 1.0.41-6 - Remote command injection in cups-browsed (bug #1083327). * Tue Mar 11 2014 Jiri Popelka <jpopelka@redhat.com> - 1.0.41-5 - Don't ship pdftoopvp (#1027557) and urftopdf (#1002947). ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #1199130 - CVE-2015-2265 cups-filters: remote command execution in remove_bad_chars() (incomplete fix for CVE-2014-2707) https://bugzilla.redhat.com/show_bug.cgi?id=1199130 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update cups-filters' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|