CVE-2011-2899 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2899): pysmb.py in system-config-printer 0.6.x and 0.7.x, as used in foomatic-gui and possibly other products, allows remote SMB servers to execute arbitrary commands via shell metacharacters in the (1) NetBIOS or (2) workgroup name, which are not properly handled when searching for network printers.
Just commited the version Bump to 0.7.9.5. This contains the patch [1] to fix the issue mentioned [2]. 1 http://cvs.savannah.gnu.org/viewvc/foomatic-gui/foomatic/pysmb.py?root=foomatic-gui&r1=1.2&r2=1.3&view=patch 2 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2899
Thanks, Justin. Closing noglsa since I don't believe this package currently has stable versions. Please correct me if I am wrong.
You are right. All vulnerable versions have been removed.