[cups-devel] [HIGH] STR #4455: Incomplete fix for CVE-2014-3537 (CVE-2014-5029/5030/5031)
Tim Waugh
noreply at cups.org
Mon Aug 11 08:28:33 PDT 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
DO NOT REPLY TO THIS MESSAGE. INSTEAD, POST ANY RESPONSES TO THE LINK BELOW.
[STR Resolved]
Note that STR #4461 also affects cupsd.conf, effectively breaking cupsctl
for all situations except the special case of cupsctl being able to read
the file directly.
Link: https://www.cups.org/str.php?L4455
Version: 1.7.4
Fix Version: 2.0-current (r12055)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)
Comment: GPGTools - https://gpgtools.org
iQIcBAEBCgAGBQJT6OEhAAoJENujp6sI12IjKVMP/igNDtBPGA8QjYTrcG+Vp49Q
fNY+6hkya9SvgVvPwR6XhoO5MmU++eQrvkyZsMB5asvFdWR7pnuP+x71gifKvpRY
udSQfAnTlYd81GNPI293+/F2bJTkmX86SLxa5S8YxT6FOl8WytluU8FNMmGin6xm
pG/fAywzQ3SkMD1fQLoYWMGdI19LxpyzrHZ1OQr171uMeV8k2Y1D0FUBnj7TKmZ5
zTyqveKCNLEQS+qc2aHwaMTDDAkB/ggdS1IllfOqtKwiFl7ERhea5jQ03ifrebO/
Z+IMRxlZUfN+//UlbwaBtjH3HSHyp8STOu4xDjmst3WNfDSE1eN5ciFjrPatYQX4
DkQAv6+dM7flx0pC7LEUS9Sfdr6gJhtQUEp8yMQi21Ait7uUjPTfTF5AH3XyefLZ
Om+eAWys1yKokhKVIecdBirkJrPhM359mjGUdzv8KjLFNz1zBTJLVIzrYhayi+kC
ocXb68HcgWzZZGi67QWcXkgRZPk4tX+n4/+c+jTy0kIl9hSbRzQPyf35XpF9jPPs
TltFTZa5xsvRO/E9gQ0RQy0A7C4u18jQPdBvpgnsBHDRu5NoAM+4G0tjPH3hrDDz
YmEhEpxybMlswcnCZpIWcI+sdGRNHXCk8iXaSSDp7LEYDP82bn3fac+bKXL6NzZP
BIe9ZL/kpQo36Bl8r9a9
=3hDv
-----END PGP SIGNATURE-----
More information about the cups-devel
mailing list