[3.0] cups-filters: foomatic-rip did not consider the back tick as an illegal shell escape character (CVE-2015-8327)
- cups-browsed: When using IP-address-based device URIs via
the “IPBasedDeviceURIs” directive in cups-browsed.conf, add
two additional settings to restrict the used IP addresses to
either only IPv4 addresses or only IPv6 addresses.
- foomatic-rip: SECURITY FIX: Also consider the back tick
(‘`’) as an illegal shell escape character.
Fixed In Version:
cups-filters 1.2.0
References:
https://bugzilla.redhat.com/show\_bug.cgi?id=1287523
https://lists.debian.org/debian-printing/2015/11/msg00020.html
Patch:
http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7406
(from redmine: issue id 4932, created on 2015-12-04, closed on 2015-12-09)
- Relations:
- parent #4929 (closed)
- Changesets:
- Revision 22d19ae2 on 2015-12-09T15:41:03Z:
main/cups-filters: security fix CVE-2015-8327. Fixes #4932