[ MDVSA-2015:196 ] cups-filters

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2015:196
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : cups-filters
 Date    : April 7, 2015
 Affected: Business Server 2.0
 _______________________________________________________________________

 Problem Description:

 Updated cups-filters package fixes security vulnerability:
 
 cups-browsed in cups-filters before 1.0.66 contained a bug in the
 remove_bad_chars() function, where it failed to reliably filter
 out illegal characters if there were two or more subsequent illegal
 characters, allowing execution of arbitrary commands with the rights
 of the lp user, using forged print service announcements on DNS-SD
 servers (CVE-2015-2265).
 _______________________________________________________________________

 References:

 http://cve.mit

007 Software

[ MDVSA-2015:196 ] cups-filters

Leave a Reply Cancel reply

Software and Security Information