[Desktop-packages] [Bug 1316229] Re: cups-filters 1.0.53 security tracking bug

[Launchpad Bug Tracker]

This bug was fixed in the package cups-filters - 1.0.52-0ubuntu1.1

---------------
cups-filters (1.0.52-0ubuntu1.1) trusty-security; urgency=medium

  * SECURITY UPDATE: arbitrary code injection via malicous print servers
    (LP: #1316229)
    - debian/patches/CVE-2014-2707-part2.patch: also sanitize remote
      queue name in utils/cups-browsed.c.
    - CVE number pending
  * SECURITY UPDATE: BrowseAllow option fails open (LP: #1316229)
    - debian/patches/fix_browseallow.patch: Deny access if BrowseAllow
      option is invalid in utils/cups-browsed.c.
    - CVE number pending
 -- Marc Deslauriers <marc.deslauri...@ubuntu.com>   Mon, 05 May 2014 13:02:52 
-0400

** Changed in: cups-filters (Ubuntu Trusty)
       Status: In Progress => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-2707

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to cups-filters in Ubuntu.
https://bugs.launchpad.net/bugs/1316229

Title:
  cups-filters 1.0.53 security tracking bug

Status in “cups-filters” package in Ubuntu:
  Fix Released
Status in “cups-filters” source package in Trusty:
  Fix Released
Status in “cups-filters” source package in Utopic:
  Fix Released

Bug description:
  cups-filters 1.0.53 contains two security issues.

  CVE numbers have been requested, but are not yet available:

  http://www.openwall.com/lists/oss-security/2014/04/25/7

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cups-filters/+bug/1316229/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to     : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp