You are here
Home > Preporuke > Sigurnosni propust programskog paketa foomatic-filters

Sigurnosni propust programskog paketa foomatic-filters

by ncert - 0
  • Detalji os-a: LUB
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LUB

==========================================================================
Ubuntu Security Notice USN-2831-2
December 07, 2015

foomatic-filters vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 12.04 LTS

Summary:

foomatic-filters could be made to run programs as the lp user if it
processed a specially crafted print job.

Software Description:
– foomatic-filters: OpenPrinting printer support – filters

Details:

Michal Kowalczyk discovered that the foomatic-filters foomatic-rip filter
incorrectly stripped shell escape characters. A remote attacker could
possibly use this issue to execute arbitrary code as the lp user.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
foomatic-filters 4.0.16-0ubuntu0.3

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2831-2
http://www.ubuntu.com/usn/usn-2831-1
CVE-2015-8327

Package Information:
https://launchpad.net/ubuntu/+source/foomatic-filters/4.0.16-0ubuntu0.3

—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2

iQIcBAEBCgAGBQJWZZS3AAoJEGVp2FWnRL6Tt6QP/0bYyLqDSTo7BrJROxTGzltz
mFjfsms77fLU4NB1vNak3WvzBFu7UsJlvXRuXpL0JoXkirs+IcY35ByFX3s0Rm0F
qGtqkN6sWZujFvu3rrnBrqOrQ/IXDfmvWaaN1OxLw+v8EChJJUCTTJ6S0grIMfvN
1ZMfN5xg3RDOtUiplDDdmEKcSICH8KEToIshZzh7jUkcgYuvFIbUvJrxxeLzZReG
KN48JJpk1OiADsn2LUE8YsuVZzGk4CzwCtHRXBEKbwsNqodduPQQB3a6rkYDM9xq
9ggNu4HD4jIMu3GXOm9b0FvqX1Eh1mnUwKYHDNhLaD2cXd8QNe0JRlmV8OQQ4aHu
IigsGa6n6gTcOACXyKHd6Js3WPDOYaC1EeSxUlKyKYfk7BZA+S7CE4/4E9Mgv8Md
MjAtzVG+eKL4/+QdhgrHxo6aFaOKIRB2TinZYOgfXbJDjgMseMR4Gwps8zjNCGQ4
XIA2HL5x3oFGHcaFY/WYQLflt8nH3qptpol6TnDrDByhn7MS2vIYj3Ke22BG7Jq7
fKAH7TnBDKYVnJ2C/ppG7lf/gWuQB8fU+J89EP8tG2la/FeR4cebzqRrmKE9MMxz
WTAd1mPJumTlgZUA0KSHCZZ3D0bhZTRF9j+u/OFYqtY8TSb47hm8HRw5M73MEXOF
Xf75KkSqoxwbozzVqV05
=CVj3
—–END PGP SIGNATURE—–

AutorTomislav Protega
Cert idNCERT-REF-2015-12-0014-ADV
CveCVE-2015-8327
ID izvornikaUSN-2831-2
Proizvodfoomatic-filters
Izvorhttp://www.ubuntu.com
ncert
Top
More in Preporuke
Sigurnosni propust programskog paketa cups-filter

Otkriven je sigurnosni propust u programskom paketu cups-filter za Ubuntu 14.04 LTS, 15.04 i 15.10. Problem se očitovao neispravnom obradom...

Close