Advisories » MGASA-2014-0181

Updated cups-filters packages fix security vulnerability

Publication date: 17 Apr 2014
Modification date: 17 Apr 2014
Type: security
Affected Mageia releases : 4
CVE: CVE-2014-2707

Description

Updated cups-filters packages fix security vulnerability:

Sebastian Krahmer discovered it was possible to use malicious broadcast
packets to execute arbitrary commands on a server running the cups-
browsed daemon (CVE-2014-2707).

Note that only systems that have enabled the affected feature by using
the CreateIPPPrinterQueues configuration directive in /etc/cups/cups-
browsed.conf are affected.
                

References

• https://lists.fedoraproject.org/pipermail/package-announce/2014-April/131485.html
• https://bugs.mageia.org/show_bug.cgi?id=13216
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2707

SRPMS

4/core

• cups-filters-1.0.41-3.4.mga4