Advisories ยป MGASA-2014-0170

Updated cups-filters packages fix security vulnerabilities

Publication date: 15 Apr 2014
Type: security
Affected Mageia releases : 4
CVE: CVE-2013-6473 , CVE-2013-6474 , CVE-2013-6475 , CVE-2013-6476

Description

Updated cups-filters packages fix security vulnerabilities:

Florian Weimer discovered that cups-filters incorrectly handled memory
in the urftopdf filter. An attacker could possibly use this issue to
execute arbitrary code with the privileges of the lp user (CVE-2013-6473).

Florian Weimer discovered that cups-filters incorrectly handled memory
in the pdftoopvp filter. An attacker could possibly use this issue to
execute arbitrary code with the privileges of the lp user (CVE-2013-6474,
CVE-2013-6475).

Florian Weimer discovered that cups-filters did not restrict driver
directories in in the pdftoopvp filter. An attacker could possibly use
this issue to execute arbitrary code with the privileges of the lp user
(CVE-2013-6476).
                

References

SRPMS

4/core