Advisories ยป MGASA-2018-0224

Updated cups packages fix security vulnerability

Publication date: 09 May 2018
Type: security
Affected Mageia releases : 5
CVE: CVE-2017-18248

Description

CUPS before version 2.2.6 has a vulnerability in the handling of
usernames in the scheduler/ipp.c:add_job() function. A remote attacker
could exploit this by submitting a print job with an invalid UTF-8
username to cause a crash and subsequent denial of service
(CVE-2017-18248).
                

References

SRPMS

5/core