[cups.general] [local] [kill] CUPS 1.1.22 lppasswd ignores write
Michael Sweet
mike at easysw.com
Wed Dec 15 18:45:22 PST 2004
D. J. Bernstein wrote:
> Bartlomiej Sieka, a student in my Fall 2004 UNIX Security Holes course,
> has discovered several security problems in how lppasswd, version 1.1.22
> (current), edits /usr/local/etc/cups/passwd. I'm publishing this notice,
> but all the discovery credits should be assigned to Sieka.
> ...
Assigned as STR #1023:
http://www.cups.org/str.php?L1023
--
______________________________________________________________________
Michael Sweet, Easy Software Products mike at easysw dot com
Internet Printing and Publishing Software http://www.easysw.com
More information about the cups
mailing list