On Thu, Aug 25, 2011 at 12:22:04PM +0200, Josselin Mouette wrote: > Package: system-config-printer > Version: 1.2.3-3 > Severity: grave > Tags: security squeeze > > See https://bugzilla.redhat.com/show_bug.cgi?id=728348 > > The pysmb.py module in system-config-printer is vulnerable to a remote > security vulnerability.
I had a short look at the code now. >From what I see the version in squeeze uses smbc instead of invoking nmblookup/smbclient directly. There's a leftover nmblookup in troubleshoot/CheckPrinterSanity.py though but this only gets input from the troubleshoot dialog.. Lenny's pysmb looks vulnerable. Cheers, -- Guido -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
