openSUSE-SU-2016:0179-1

Опубликовано: 20 янв. 2016

Источник: suse-cvrf

Описание

Security update for cups-filters

This update fixes the following security issue:

CVE-2015-8327 adds backtick and semicolon to the list of illegal shell escape characters (bsc#957531).

This update was imported from the SUSE:SLE-12:Update update project.

Список пакетов

openSUSE Leap 42.1

cups-filters-1.0.58-12.1

cups-filters-cups-browsed-1.0.58-12.1

cups-filters-devel-1.0.58-12.1

cups-filters-foomatic-rip-1.0.58-12.1

cups-filters-ghostscript-1.0.58-12.1

Ссылки

https://lists.opensuse.org/opensuse-updates/2016-01/msg00065.html
E-Mail link for openSUSE-SU-2016:0179-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.2.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via ` (backtick) characters in a print job.

Затронутые продукты

openSUSE Leap 42.1:cups-filters-1.0.58-12.1

openSUSE Leap 42.1:cups-filters-cups-browsed-1.0.58-12.1

openSUSE Leap 42.1:cups-filters-devel-1.0.58-12.1

openSUSE Leap 42.1:cups-filters-foomatic-rip-1.0.58-12.1

Ссылки

https://www.suse.com/security/cve/CVE-2015-8327.html
CVE-2015-8327
https://bugzilla.suse.com/1027197
SUSE Bug 1027197
https://bugzilla.suse.com/957531
SUSE Bug 957531

openSUSE-SU-2016:0179-1

Описание

Список пакетов

openSUSE Leap 42.1

Ссылки

Уязвимость: CVE-2015-8327

Описание

Затронутые продукты

Ссылки