Описание
Security update for cups-filters
This update fixes the following security issue:
CVE-2015-8327 adds backtick and semicolon to the list of illegal shell escape characters (bsc#957531).
Список пакетов
SUSE Linux Enterprise Desktop 12
cups-filters-1.0.58-13.1
cups-filters-cups-browsed-1.0.58-13.1
cups-filters-foomatic-rip-1.0.58-13.1
cups-filters-ghostscript-1.0.58-13.1
SUSE Linux Enterprise Desktop 12 SP1
cups-filters-1.0.58-13.1
cups-filters-cups-browsed-1.0.58-13.1
cups-filters-foomatic-rip-1.0.58-13.1
cups-filters-ghostscript-1.0.58-13.1
SUSE Linux Enterprise Server 12
cups-filters-1.0.58-13.1
cups-filters-cups-browsed-1.0.58-13.1
cups-filters-foomatic-rip-1.0.58-13.1
cups-filters-ghostscript-1.0.58-13.1
SUSE Linux Enterprise Server 12 SP1
cups-filters-1.0.58-13.1
cups-filters-cups-browsed-1.0.58-13.1
cups-filters-foomatic-rip-1.0.58-13.1
cups-filters-ghostscript-1.0.58-13.1
SUSE Linux Enterprise Server for SAP Applications 12
cups-filters-1.0.58-13.1
cups-filters-cups-browsed-1.0.58-13.1
cups-filters-foomatic-rip-1.0.58-13.1
cups-filters-ghostscript-1.0.58-13.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
cups-filters-1.0.58-13.1
cups-filters-cups-browsed-1.0.58-13.1
cups-filters-foomatic-rip-1.0.58-13.1
cups-filters-ghostscript-1.0.58-13.1
Ссылки
- Link for SUSE-SU-2016:0092-1
- E-Mail link for SUSE-SU-2016:0092-1
- SUSE Security Ratings
- SUSE Bug 957531
- SUSE CVE CVE-2015-8327 page
Описание
Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.2.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via ` (backtick) characters in a print job.
Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP1:cups-filters-1.0.58-13.1
SUSE Linux Enterprise Desktop 12 SP1:cups-filters-cups-browsed-1.0.58-13.1
SUSE Linux Enterprise Desktop 12 SP1:cups-filters-foomatic-rip-1.0.58-13.1
SUSE Linux Enterprise Desktop 12 SP1:cups-filters-ghostscript-1.0.58-13.1
Ссылки
- CVE-2015-8327
- SUSE Bug 1027197
- SUSE Bug 957531