User: Password:
|
|
Subscribe / Log in / New account

Mageia alert MGASA-2012-0359 (cups)

From:  Mageia Updates <buildsystem-daemon@mageia.org>
To:  updates-announce@ml.mageia.org
Subject:  [updates-announce] MGASA-2012-0359: cups-1.5.4-1.mga2 (2/core)
Date:  Tue, 11 Dec 2012 22:25:03 +0100
Message-ID:  <20121211212503.GA24230@valstar.mageia.org>
Archive-link:  Article, Thread

MGASA-2012-0359 Date: December 11th, 2012 Affected releases: 2 Description: Updated cups packages fix security vulnerability: CUPS stores the web interface administrator key in /var/run/cups/certs/0 using certain permissions, which allows local users in the lpadmin group to read or write arbitrary files as root by leveraging the web interface (CVE-2012-5519). Updated Packages: cups-1.5.4-1.mga2 cups-common-1.5.4-1.mga2 cups-serial-1.5.4-1.mga2 lib(64)cups2-1.5.4-1.mga2 lib(64)cups2-devel-1.5.4-1.mga2 php-cups-1.5.4-1.mga2 References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5519 http://www.ubuntu.com/usn/usn-1654-1/ https://bugs.mageia.org/show_bug.cgi?id=8318 https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-...


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds