| |||||||||||||||||||
Ubuntu alert USN-1265-1 (system-config-printer)
========================================================================== Ubuntu Security Notice USN-1265-1 November 17, 2011 system-config-printer vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 11.10 - Ubuntu 11.04 Summary: An attacker could trick system-config-printer into installing altered packages and repositories. Software Description: - system-config-printer: Python modules for printer configuration with CUPS Details: Marc Deslauriers discovered that system-config-printer's cupshelpers scripts used by the Ubuntu automatic printer driver download service queried the OpenPrinting database using an insecure connection. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to install altered packages and repositories. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 11.10: python-cupshelpers 1.3.6+20110831-0ubuntu9.4 Ubuntu 11.04: python-cupshelpers 1.3.1+20110222-0ubuntu16.5 After a standard system update you need to reboot your computer to make all the necessary changes. References: http://www.ubuntu.com/usn/usn-1265-1 CVE-2011-4405 Package Information: https://launchpad.net/ubuntu/+source/system-config-printe... https://launchpad.net/ubuntu/+source/system-config-printe... -- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security... (Log in to post comments)
|
|||||||||||||||||||