[cups-devel] [HIGH] STR #4455: Incomplete fix for CVE-2014-3537 (CVE-2014-5029/5030/5031)
Michael Sweet
noreply at cups.org
Thu Jul 31 04:48:37 PDT 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
DO NOT REPLY TO THIS MESSAGE. INSTEAD, POST ANY RESPONSES TO THE LINK BELOW.
[STR Resolved]
Tim, please file a separate bug for the log file regression; the default
log file permissions in CUPS are 0644, but we can probably special-case the
log files when authentication is enabled.
Link: https://www.cups.org/str.php?L4455
Version: 1.7.4
Fix Version: 2.0-current (r12055)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)
Comment: GPGTools - https://gpgtools.org
iQIcBAEBCgAGBQJT2i0VAAoJENujp6sI12IjpSQP/ijMyWISDg/OIBV1CdDGjwan
h2niJqjZcnoBvec1xHSzyWv7OyyydDcMeXLoOSjXHsWBS/2uEjszyEZ+OkwX2Cf8
vsDViUAjEbrNrEvgJjyeJRoZW0d5k2W6NWhPmp9CjHriwHcumJmtK2+QCY/L9BxN
95yxNEqN60QZvrhiwl2cDEvF9OUkXBDACY8rKZGPgnXg6c6w9SQC098JwQbqGL8K
Mghx0XSUW615HmvOcDc+aCMxJJfIOFNi/KGtVOJk0OC+j4iz6JZy46ljDo0p9Rb2
tQoRxdhzNs9OH3hN2HZZf6h3JkSQa8+zAub88C6mwhWo4R2WVNmkzcvvnV3CW31p
R3YvIWPWmzi9FO1pNcwQhYgg1BdvP/FVIx2xM/4owFUcytD2BI7i/D3SO2Z8HVqQ
UWamidDoL+QIZjldy0w3BKKFzWuwZs8bSeP0GrWXGpA2jxfLYLFd7gJG9BARYRWz
/qKDByetqqyzq3kMfRqdlPtTxzpGKLzHLNMQ0azVFhsi8L9kgPT1lJiW2K6W8zex
lSmUfsuQtNhiillRne9hzvg87OwUOI28gmcFbAc9JmguzUKnQ6KbLm1qrmT7Fm1/
ljwm0xch0gcA3gAnZxqTCjyemHsejOnPc8xdvFJqsGEws7fNOZwio+NJ3RuWhsqy
jskNLZRx5GnytBMs26/3
=0RYZ
-----END PGP SIGNATURE-----
More information about the cups-devel
mailing list