Updated cups-filters package fixes security vulnerability
Publication date: 08 Jul 2015Modification date: 09 Jul 2015
Type: security
Affected Mageia releases : 4 , 5
CVE: CVE-2015-3258 , CVE-2015-3279
Description
A heap-based buffer overflow was discovered in the way the texttopdf utility of cups-filters processed print jobs with a specially crafted line size. An attacker being able to submit print jobs could exploit this flaw to crash texttopdf or, possibly, execute arbitrary code with the privileges of the 'lp' user (CVE-2015-3258, CVE-2015-3279).
References
SRPMS
5/core
- cups-filters-1.0.71-1.mga5
4/core
- cups-filters-1.0.53-1.2.mga4