Severity: critical

On Thu 25 Oct 2018 at 12:50:25 +0100, Brian Potkin wrote:

> Package: okular
> Version: 4:17.12.2-2
> Severity: critical
> Tags: upstream security
> "critical" because a document should always go to where it is sent.
> Please reduce the severity if I have overestimated the security
> implications.
> The CUPS version being used is 2.2.8-5 and cups-browsed is not running.
> The issue was encountered while taking another look at #911702.
>  brian@test:~$ lpstat -e
>  aaa
>  realq_desktop
>  test
> aaa and test are local queues set up with
>  lpadmin -p <destination> -v file:/home/brian/capture -E -m drv:///sample.drv/generic.ppd
> and realq_desktop is a queue on a remote machine.
> Okular was started from a terminal. Printing to realq_desktop produces an
> output of
>  request id is aaa-41 (1 file(s))
> The job is always sent to a local queue when its destination precedes
> realq_desktop alphabetically.
> Removing the aaa queue gets
>  /usr/bin/lp: No such file of directory (which is #911702)
> I believe printing from LibreOffice to be based on the same principles
> as printing from Okular. Printing from that application is not an issue.
> qpdfview is another affected application.

I have retested this. There is no change on the present unstable. I
cannot see why a confidential print job going to a staff printer is
anything but a security issue. Maybe this is something that merits
the tag of normal but explanations are in short supply.
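
An added example, not part of the original messages: a shell check that compares the queue named in an `lp`-style "request id is ..." line with the queue that was requested, which is the mismatch the report describes (`aaa-41` returned for a job sent to `realq_desktop`). The function names `job_queue` and `check_destination` are hypothetical, and the sample lines in the comments are constructed, apart from the one quoted in the report.

```shell
#!/bin/sh
# Added example; job_queue and check_destination are hypothetical helpers.

# job_queue LINE
# Prints the queue name from a line such as
#   request id is aaa-41 (1 file(s))
# Queue names may themselves contain '-', so only the final "-<digits>"
# job number is stripped. Returns 1 if the line is not in that form.
job_queue() {
    id=$(printf '%s\n' "$1" |
        sed -n 's/^request id is \([^ ]*\) (.*$/\1/p')
    [ -n "$id" ] || return 1
    case "$id" in
        *-*) ;;
        *) return 1 ;;
    esac
    num=${id##*-}
    case "$num" in
        ''|*[!0-9]*) return 1 ;;
    esac
    printf '%s\n' "${id%-*}"
}

# check_destination REQUESTED LINE
# Returns 0 if the job was accepted by the requested queue,
# 1 if it was accepted by a different queue, 2 if LINE is unparsable.
check_destination() {
    actual=$(job_queue "$2") || {
        echo "unparsed: $2" >&2
        return 2
    }
    if [ "$actual" = "$1" ]; then
        return 0
    fi
    echo "MISROUTED: requested=$1 actual=$actual" >&2
    return 1
}
```
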


