This bug was fixed in the package cups-filters - 1.0.52-0ubuntu1.1
---------------
cups-filters (1.0.52-0ubuntu1.1) trusty-security; urgency=medium
* SECURITY UPDATE: arbitrary code injection via malicous print servers
(LP: #1316229)
- debian/patches/CVE-2014-2707-part2.patch: also sanitize remote
queue name in utils/cups-browsed.c.
- CVE number pending
* SECURITY UPDATE: BrowseAllow option fails open (LP: #1316229)
- debian/patches/fix_browseallow.patch: Deny access if BrowseAllow
option is invalid in utils/cups-browsed.c.
- CVE number pending
-- Marc Deslauriers <[email protected]> Mon, 05 May 2014 13:02:52
-0400
** Changed in: cups-filters (Ubuntu Trusty)
Status: In Progress => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-2707
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1316229
Title:
cups-filters 1.0.53 security tracking bug
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cups-filters/+bug/1316229/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
