Security Information / 2015 / Security Information -- DSA-3411-1 cups-filters

Debian Security Advisory

DSA-3411-1 cups-filters -- security update

Date Reported:

02 Dec 2015

Affected Packages:

cups-filters

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2015-8327.

More information:

Michal Kowalczyk discovered that missing input sanitising in the foomatic-rip print filter might result in the execution of arbitrary commands.

The oldstable distribution (wheezy) is not affected.

For the stable distribution (jessie), this problem has been fixed in version 1.0.61-5+deb8u2.

For the unstable distribution (sid), this problem has been fixed in version 1.2.0-1.

We recommend that you upgrade your cups-filters packages.