Your message dated Sun, 27 Dec 2015 21:47:42 +0000
with message-id <[email protected]>
and subject line Bug#807993: fixed in foomatic-filters 4.0.17-1+deb7u1
has caused the Debian Bug report #807993,
regarding foomatic-filters: CVE-2015-8560: code execution via improper escaping
of ; in foomatic-rip
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
807993: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=807993
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: foomatic-filters
Version: 4.0.5-6
Severity: important
Tags: security upstream patch
Hi,
the following vulnerability was published for foomatic-filters, this
is in addition to CVE-2015-8327.
CVE-2015-8560[0]:
code execution via improper escaping of ; in foomatic-rip
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2015-8560
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: foomatic-filters
Source-Version: 4.0.17-1+deb7u1
We believe that the bug you reported is fixed in the latest version of
foomatic-filters, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Salvatore Bonaccorso <[email protected]> (supplier of updated foomatic-filters
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 20 Dec 2015 21:55:22 +0100
Source: foomatic-filters
Binary: foomatic-filters
Architecture: source amd64
Version: 4.0.17-1+deb7u1
Distribution: wheezy-security
Urgency: high
Maintainer: Debian Printing Group <[email protected]>
Changed-By: Salvatore Bonaccorso <[email protected]>
Description:
foomatic-filters - OpenPrinting printer support - filters
Closes: 806886 807993
Changes:
foomatic-filters (4.0.17-1+deb7u1) wheezy-security; urgency=high
.
* Non-maintainer upload by the Security Team.
* Add CVE-2015-8327.patch patch.
CVE-2015-8327: foomatic-rip did not consider the back tick as an illegal
shell escape character allowing arbitrary code execution. (Closes: #806886)
* Add CVE-2015-8560.patch patch.
CVE-2015-8560: code execution via improper escaping of ; (semicolon).
(Closes: #807993)
Checksums-Sha1:
2246f98e82d4f74598fa93ef7180451fdbf5ac90 2098
foomatic-filters_4.0.17-1+deb7u1.dsc
bde0cf8bcc61cb1e7c894b7125348fb95efa8c60 266276
foomatic-filters_4.0.17.orig.tar.gz
e58dab696efe1aa55a0df3a4e5012bf1aeb13b65 52815
foomatic-filters_4.0.17-1+deb7u1.debian.tar.gz
1396874be7aa19e4373095ba94381b5767d90719 163626
foomatic-filters_4.0.17-1+deb7u1_amd64.deb
Checksums-Sha256:
79bd64b48caefb6fe5673ea04f4d5c2b9d22b9ca4f529a0f1c3a3042c34a3d9a 2098
foomatic-filters_4.0.17-1+deb7u1.dsc
a2e2e53e502571e88eeb9010c45a0d54671f15707ee104f5c9c22b59ea7a33e3 266276
foomatic-filters_4.0.17.orig.tar.gz
d69e64604f844538aff02705d1c2db43f92c976a934b859b59f5d6cf1247adc1 52815
foomatic-filters_4.0.17-1+deb7u1.debian.tar.gz
4d7f2fd6c8c094e1c2bec1787afd2ed449d327a5bcc030d14fa44de986bf3d47 163626
foomatic-filters_4.0.17-1+deb7u1_amd64.deb
Files:
5287a8f6bb50d09aff7cfd2037258e70 2098 text optional
foomatic-filters_4.0.17-1+deb7u1.dsc
b05f5dcbfe359f198eef3df5b283d896 266276 text optional
foomatic-filters_4.0.17.orig.tar.gz
abe90fb7e6f02b455af0de088bf0affc 52815 text optional
foomatic-filters_4.0.17-1+deb7u1.debian.tar.gz
4d8365f249ac743911d01c822ba38df8 163626 text optional
foomatic-filters_4.0.17-1+deb7u1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJWdxdmAAoJEAVMuPMTQ89EhY0QAIdV1lmqp60SxZHsVGg9+RNK
PDf17ucQLUi16bKOBq3iyq76aFYTEZ946FaGF/k8F/rSTqzi8ceKKRu9qePwT/Lx
AlfukWHN9Vb4+3eRRolw0EGkgSPXvUVs/zbbeeQKZnL8VcwYSKrlZUZjtgm6MQrZ
xeb3rJ/SfLyUSkdgD8gvjvrvk5OYc8FcL0z9JfvwhA3QPrCuTtf5lxVRvpFvZ3y6
6rz6pfLiuBoJfhtiKaOEldgQZYUfKs/lR2InGq2cScX4FTNxYXs2if3CCq+aR85d
2CdTgrms+t6C9jwktAo/zDlQN5U+f8fjR84qjshklodGq2RBRzYIb0pluXBzOYOu
Uy9NgFHOvtOkY/1h4sp0KBLQwfz5MZRng18cnJNBj0r1tJoHh8khQV5hjyyIPnC1
IYCNqdhr3K0SesPk4WP/ejeTiy5Tn5k8uayFFRK/UavK6eXxF42x/Mg2gnXD1KZL
QgsB1At6Dyn0nVmFC9TaslHaMz4PgoQnDF7W6LYcKTg22G3MvgYlzRcuecfJsQjq
b2sukzDTez3oyC1nSIk/RFneWcknlNnVrz9K2XQhSs4jpwQBhFPggXEFLiExHAwa
8ipCb5Qq8TDXMYRgeMCj+8dQ2J4xHrROQ+3dZ95JKpM1PRKrnpoG6Yah/Fu5UU0r
twOMbxhIOVVi7y+aF5tN
=R+1m
-----END PGP SIGNATURE-----
--- End Message ---
