First Last Prev Next    No search results available      Search page      Enter new bug
Bug#: 64166
Alias:
Product:
Component:
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Hardware:
OS:
Version:
Priority:
Severity:
Reporter: Luke Macken (RETIRED) <lewk@gentoo.org>
Add CC:
CC:
Remove selected CCs
URL:
Summary:
Status Whiteboard:
Keywords:
Flags: Requestee:
 
 
  ()

Filename Description Type Creator Created Size Actions
Create a New Attachment (proposed patch, testcase, etc.) View All

Bug 64166 depends on: Show dependency tree
Bug 64166 blocks:
Votes: 0    Show votes for this bug    Vote for this bug

Additional Comments: (this is where you put emerge --info)


Not eligible to see or edit group visibility for this bug.






View Bug Activity   |   Format For Printing   |   XML   |   Clone This Bug

Description:   Opened: 2004-09-15 12:38 0000 
Package name  	printer-drivers
Date 	September 15th, 2004
Advisory ID 	MDKSA-2004:094
Affected versions 	9.2, 10.0
Synopsis 	Updated printer-drivers packages fix vulnerability in foomatic
	

Problem Description

The foomatic-rip filter, which is part of foomatic-filters package, contains a vulnerability that allows anyone with access to CUPS, local or remote, to execute arbitrary commands on the server. The updated packages provide a fixed foomatic-rip filter that prevents this kind of abuse. 

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0801

------- Comment #1 From Luke Macken (RETIRED) 2004-09-15 12:39:40 0000 ------- 
printing, please bump to 3.0.2

------- Comment #2 From Luke Macken (RETIRED) 2004-09-15 12:40:29 0000 ------- 
Ignore the mandrake versions in the Description.

------- Comment #3 From Heinrich Wendel (RETIRED) 2004-09-16 00:49:34 0000 ------- 
bumped foomatic,foomatic-filters and foomatic-db-engine to 3.0.2, other arches
please mark stable

------- Comment #4 From Sune Kloppenborg Jeppesen 2004-09-16 00:57:49 0000 ------- 
Thx lanius. Arches please test and mark stable.

------- Comment #5 From Jochen Maes (RETIRED) 2004-09-16 01:25:10 0000 ------- 
stable ppc

------- Comment #6 From Jochen Maes (RETIRED) 2004-09-16 01:25:48 0000 ------- 
forgot to remove ppc

------- Comment #7 From Gustavo Zacarias (RETIRED) 2004-09-16 07:18:12 0000 ------- 
sparc stable.

------- Comment #8 From Olivier Crete 2004-09-16 09:08:34 0000 ------- 
already stable on x86

------- Comment #9 From Bryan Østergaard (RETIRED) 2004-09-17 02:45:02 0000 ------- 
Stable on alpha.

------- Comment #10 From Danny van Dyk (RETIRED) 2004-09-19 08:55:25 0000 ------- 
stable on amd64

------- Comment #11 From SpanKY 2004-09-19 19:35:21 0000 ------- 
hppa/ia64 stable now

------- Comment #12 From Sune Kloppenborg Jeppesen 2004-09-20 06:20:37 0000 ------- 
Updating severity.

------- Comment #13 From Joshua J. Berry (CondorDes) (RETIRED) 2004-09-20 08:02:07 0000 ------- 
GLSA 200409-24.

------- Comment #14 From Joshua Kinard 2004-09-22 00:59:09 0000 ------- 
stable on mips.

------- Comment #15 From Tom Gall 2004-10-09 16:32:24 0000 ------- 
stable on ppc64, thanks!
First Last Prev Next    No search results available      Search page      Enter new bug