Advisories ยป MGASA-2014-0021

Updated cups packages fix a security vulverability

Publication date: 21 Jan 2014
Modification date: 21 Jan 2014
Type: security
Affected Mageia releases : 3
CVE: CVE-2013-6891

Description

Updated cups packages fix security vulnerability:

Jann Horn discovered that the CUPS lppasswd tool incorrectly read a user
configuration file in certain configurations. A local attacker could use
this to read sensitive information from certain files, bypassing access
restrictions (CVE-2013-6891).

References

SRPMS

3/core