Severity: critical
thanks
On Thu 25 Oct 2018 at 12:50:25 +0100, Brian Potkin wrote:

> Package: okular
> Version: 4:17.12.2-2
> Severity: critical
> Tags: upstream security
>
> "critical" because a document should always go to where it is sent.
> Please reduce the severity if I have overestimated the security
> implications.
>
> The CUPS version being used is 2.2.8-5 and cups-browsed is not running.
> The issue was encountered while taking another look at #911702.
>
> brian@test:~$ lpstat -e
> aaa
> realq_desktop
> test
>
> aaa and test are local queues set up with
>
> lpadmin -p <destination> -v file:/home/brian/capture -E -m drv:///sample.drv/generic.ppd
>
> and realq_desktop is a queue on a remote machine.
>
> Okular was started from a terminal. Printing to realq_desktop produces an
> output of
>
> request id is aaa-41 (1 file(s))
>
> The job is always sent to a local queue when its destination precedes
> realq_desktop alphabetically.
>
> Removing the aaa queue gets
>
> /usr/bin/lp: No such file of directory (which is #911702)
>
> I believe printing from LibreOffice to be based on the same principles
> as printing from Okular. Printing from that application is not an issue.
> qpdfview is another affected application.

I have retested this. There is no change on the present unstable.

I cannot see why a confidential print job going to a staff printer is
anything but a security issue. Maybe this is something that merits the
tag of normal but explanations are in short supply.

Regards,

Brian.