[cups-devel] [CRIT] STR #4609: CERT VU#810572: Privilege escalation through dynamic linker and isolated vulnerabilities

[Johannes Meixner]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

DO NOT REPLY TO THIS MESSAGE.  INSTEAD, POST ANY RESPONSES TO THE LINK BELOW.

[STR Resolved]

FYI:

Meanwhile the SUSE security team got the following info from CERT
(excerpt):
- ----------------------------------------------------------------------
Furthermore, CVE IDs have been assigned as follows:

* Improper Update of Reference Count -- CVE-2015-1158
* Cross-Site Scripting -- CVE-2015-1159
- ----------------------------------------------------------------------

Perhaps you may like to add the CVEs to change logs and/or
to whatever other places where users may look for them.

Link: https://www.cups.org/str.php?L4609
Version: 2.0.2
Fix Version: 2.1-current (r12700)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)
Comment: GPGTools - https://gpgtools.org

iQIcBAEBCgAGBQJVdqgSAAoJENujp6sI12Ij5mIQAKzlj7ingFjotXH3bc7z7/L7
iMvzFuDYXY3ZO9/2vmrz37aUqAR3ZfUL5rqbuqvVK7+VczoZjDr8M9Y+2N/oZ8An
SvJgTjhKQRf+UM4PsErHG+f7doc9qBas1msS9ItWXCr+mgcXVBvh9Mb4roQtA9va
XoIT8uKdUCiNNXnJMNx+GcgIH57X2MZfvJg5Qq/VSHFK6w4Xrz985Cx4LzqUWC4k
GhNjJDH9hwWahasKbOj6XQHKUQPnX9utsfuUJrhzqqMMB5Lh4x4D7I2k/XffvcV9
HA+3JLeORQ2t82LjDLbw1l8ZmBsU6Bs5WGQIhgusKjJ0pImJoARz2dKTV60+1Qc5
cQIGjc4KhtjYTTulDVFjIfe4EWRg4Ol/gvfcE61tYdU7+kuXMCLoT40FhxMMhZ4Y
rb9aSivRDiot34kHkPNn3D5EUynBgFczPgE9+hpleCMPyF/fXuBgylbqLQifCv7A
3G2sxojbo9OYSrMluj0p1LMfZhF0tXtCA8JXEBwelD+mweJlKbN7iW2dX/f/pWEG
+s7729qSBuzYhu/mGl9b4yv2q9+Td7deHAiTR7vu6xRfU6k5eSUgjtpKQEDjGjXg
VveYQkbVnnOX1+hX8T/rw2O1mp736Zx7ardQNc4bltVetEmeNi5yc+E22WG+NK/h
J0kNTcHboIqtuVwurjAA
=B5gP
-----END PGP SIGNATURE-----