From ${URL} : cups-browsed is a daemon which browses the Bonjour broadcasts of shared, remote CUPS printers and makes the printers available locally. Sebastian Krahmer discovered it was possible to use malicious broadcast packets to execute arbitrary commands. Original report: http://seclists.org/oss-sec/2014/q2/3 @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
fixed in >=1.0.51
+ 15 Apr 2014; Andreas K. Huettel <dilfridge@gentoo.org> + +cups-filters-1.0.52.ebuild: + Version bump, bug 506518 Please test and stabilize 1.0.52
Stable for HPPA. (In reply to Andreas K. Hüttel from comment #2) > + 15 Apr 2014; Andreas K. Huettel <dilfridge@gentoo.org> > + +cups-filters-1.0.52.ebuild: > + Version bump, bug 506518 > > Please test and stabilize 1.0.52 Again and again: No, that's wrong for so many reasons. Do something like this instead: Arch teams, please test and mark stable: =net-print/cups-filters-1.0.52 Targeted stable KEYWORDS : alpha amd64 arm hppa ia64 ppc ppc64 sparc x86
amd64 stable
Superseded by bug 508844. Sec team, please do with this bug as you please.
CVE-2014-2707 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2707): cups-browsed in cups-filters 1.0.41 before 1.0.51 allows remote IPP printers to execute arbitrary commands via shell metacharacters in the (1) model or (2) PDL, related to "System V interface scripts generated for queues."
Fixed by bug 508844. Created NEW GLSA Request.
This issue was resolved and addressed in GLSA 201406-16 at http://security.gentoo.org/glsa/glsa-201406-16.xml by GLSA coordinator Mikle Kolyada (Zlogene).