From ${URL} : Description Red Hat Security Response Team has reported a weakness in CUPS, which can be exploited by malicious, local users to disclose potentially sensitive information. The weakness is caused due to the application following symbolic links within the "/rss" directory when handling certain HTTP request to the web interface. This can be exploited to disclose the contents of arbitrary files via specially crafted symbolic links and HTTP requests. Successful exploitation requires "lp" group permissions and the web interfaced to be enabled (disabled by default). The weakness is reported in versions prior to 1.7.4. Solution: Update to version 1.7.4. Provided and/or discovered by: Francisco Alonso, Red Hat Security Response Team. Original Advisory: CUPS: http://www.cups.org/documentation.php/doc-1.7/relnotes.html http://www.cups.org/str.php?L4450 Red Hat Security Response Team: https://bugzilla.redhat.com/show_bug.cgi?id=1115576 @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Added net-print/cups-1.7.4 ebuild. Let's wait for a few days to see obvious problems and then stabilize it.
CVE-2014-3537 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3537): The web interface in CUPS before 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/.
Let's go for cups-1.7.5 (another bug squashed there) instead, see bug 519792
Arches and Maintainer(s), Thank you for your work. GLSA Vote: No
GLSA vote: no. Closing as [noglsa]