Mageia alert MGASA-2012-0359 (cups)

From:
    	       Mageia Updates <buildsystem-daemon@mageia.org> 
To:
    	       updates-announce@ml.mageia.org 
Subject:
    	       [updates-announce] MGASA-2012-0359: cups-1.5.4-1.mga2 (2/core) 
Date:
    	       Tue, 11 Dec 2012 22:25:03 +0100
Message-ID:
    	       <20121211212503.GA24230@valstar.mageia.org>

MGASA-2012-0359
Date: 	December 11th, 2012
Affected releases: 	2

Description:
Updated cups packages fix security vulnerability:

CUPS stores the web interface administrator key in /var/run/cups/certs/0
using certain permissions, which allows local users in the lpadmin group
to read or write arbitrary files as root by leveraging the web interface
(CVE-2012-5519).

Updated Packages:
cups-1.5.4-1.mga2
cups-common-1.5.4-1.mga2
cups-serial-1.5.4-1.mga2
lib(64)cups2-1.5.4-1.mga2
lib(64)cups2-devel-1.5.4-1.mga2
php-cups-1.5.4-1.mga2

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5519
http://www.ubuntu.com/usn/usn-1654-1/
https://bugs.mageia.org/show_bug.cgi?id=8318
https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-...

From:		Mageia Updates <buildsystem-daemon@mageia.org>
To:		updates-announce@ml.mageia.org
Subject:		[updates-announce] MGASA-2012-0359: cups-1.5.4-1.mga2 (2/core)
Date:		Tue, 11 Dec 2012 22:25:03 +0100
Message-ID:		<20121211212503.GA24230@valstar.mageia.org>