ALT-PU-2016-1627-1
Package cups-filters updated to version 1.9.0-alt1 for branch sisyphus in task 166165.
Closed vulnerabilities
Published: 2015-12-17
BDU:2016-00006
Уязвимость фильтра печати Foomatic и операционной системы Ubuntu, позволяющая нарушителю выполнить произвольные команды
Severity: HIGH (7.5)
References:
Published: 2015-12-17
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2015-8327
Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.2.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via ` (backtick) characters in a print job.
Severity: HIGH (7.5)
References:
- http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/annotate/head:/NEWS
- http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/annotate/head:/NEWS
- http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7406
- http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7406
- openSUSE-SU-2016:0179
- openSUSE-SU-2016:0179
- RHSA-2016:0491
- RHSA-2016:0491
- DSA-3411
- DSA-3411
- DSA-3429
- DSA-3429
- http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
- 78524
- 78524
- USN-2831-1
- USN-2831-1
- USN-2831-2
- USN-2831-2
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806886
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806886
- [debian-printing] 20151126 cups-filters 1.2.0 released!
- [debian-printing] 20151126 cups-filters 1.2.0 released!
- [debian-printing] 20151201 Re: cups-filters 1.2.0 released!
- [debian-printing] 20151201 Re: cups-filters 1.2.0 released!
Published: 2016-04-14
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2015-8560
Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.4.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via a ; (semicolon) character in a print job, a different vulnerability than CVE-2015-8327.
Severity: HIGH (7.3)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
References:
- http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/annotate/head:/NEWS
- http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/annotate/head:/NEWS
- http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7419
- http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7419
- RHSA-2016:0491
- RHSA-2016:0491
- DSA-3419
- DSA-3419
- DSA-3429
- DSA-3429
- [oss-security] 20151213 CVE Request: Cups Filters/Foomatic Filters: Does not consider semicolon as an illegal shell escape character
- [oss-security] 20151213 CVE Request: Cups Filters/Foomatic Filters: Does not consider semicolon as an illegal shell escape character
- [oss-security] 20151214 Re: CVE Request: Cups Filters/Foomatic Filters: Does not consider semicolon as an illegal shell escape character
- [oss-security] 20151214 Re: CVE Request: Cups Filters/Foomatic Filters: Does not consider semicolon as an illegal shell escape character
- http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
- USN-2838-1
- USN-2838-1
- USN-2838-2
- USN-2838-2