[ubuntu/precise-security] cups 1.5.3-0ubuntu8.5 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Mon Sep 8 14:16:19 UTC 2014
cups (1.5.3-0ubuntu8.5) precise-security; urgency=medium
* SECURITY UPDATE: privilege escalation via symlinks and world-readable
permissions
- debian/patches/CVE-2014-50xx.patch: add some more symlink and
permission checks to scheduler/client.c.
- CVE-2014-5029
- CVE-2014-5030
- CVE-2014-5031
* debian/patches/cups-restore-access-to-logfiles.patch: fix regressions
caused by recent security updates by allowing access to cupsd.conf and
the log files. (LP: #1349387)
Date: 2014-09-05 20:08:12.672107+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/precise/+source/cups/1.5.3-0ubuntu8.5
-------------- next part --------------
Sorry, changesfile not available.
More information about the Precise-changes
mailing list