[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DLA-0022-1] cups security update

Debian Security Advisory DLA-0022-1
- ---------------------------------------------------------------------
Package        : cups
Version        : 1.4.4-7+squeeze6
CVE ID         : CVE-2014-3537

It was discovered that the web interface in CUPS, the Common UNIX
Printing System, incorrectly validated permissions on rss files and
directory index files. A local attacker could possibly use this issue
to bypass file permissions and read arbitrary files, possibly leading
to a privilege escalation.

Attachment: signature.asc
Description: This is a digitally signed message part.

Reply to: