==========================================================================
Ubuntu Security Notice USN-2831-2
December 07, 2015
foomatic-filters vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 12.04 LTS
Summary:
foomatic-filters could be made to run programs as the lp user if it
processed a specially crafted print job.
Software Description:
– foomatic-filters: OpenPrinting printer support – filters
Details:
Michal Kowalczyk discovered that the foomatic-filters foomatic-rip filter
incorrectly stripped shell escape characters. A remote attacker could
possibly use this issue to execute arbitrary code as the lp user.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.04 LTS:
foomatic-filters 4.0.16-0ubuntu0.3
In general, a standard system update will make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-2831-2
http://www.ubuntu.com/usn/usn-2831-1
CVE-2015-8327
Package Information:
https://launchpad.net/ubuntu/+source/foomatic-filters/4.0.16-0ubuntu0.3
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2
iQIcBAEBCgAGBQJWZZS3AAoJEGVp2FWnRL6Tt6QP/0bYyLqDSTo7BrJROxTGzltz
mFjfsms77fLU4NB1vNak3WvzBFu7UsJlvXRuXpL0JoXkirs+IcY35ByFX3s0Rm0F
qGtqkN6sWZujFvu3rrnBrqOrQ/IXDfmvWaaN1OxLw+v8EChJJUCTTJ6S0grIMfvN
1ZMfN5xg3RDOtUiplDDdmEKcSICH8KEToIshZzh7jUkcgYuvFIbUvJrxxeLzZReG
KN48JJpk1OiADsn2LUE8YsuVZzGk4CzwCtHRXBEKbwsNqodduPQQB3a6rkYDM9xq
9ggNu4HD4jIMu3GXOm9b0FvqX1Eh1mnUwKYHDNhLaD2cXd8QNe0JRlmV8OQQ4aHu
IigsGa6n6gTcOACXyKHd6Js3WPDOYaC1EeSxUlKyKYfk7BZA+S7CE4/4E9Mgv8Md
MjAtzVG+eKL4/+QdhgrHxo6aFaOKIRB2TinZYOgfXbJDjgMseMR4Gwps8zjNCGQ4
XIA2HL5x3oFGHcaFY/WYQLflt8nH3qptpol6TnDrDByhn7MS2vIYj3Ke22BG7Jq7
fKAH7TnBDKYVnJ2C/ppG7lf/gWuQB8fU+J89EP8tG2la/FeR4cebzqRrmKE9MMxz
WTAd1mPJumTlgZUA0KSHCZZ3D0bhZTRF9j+u/OFYqtY8TSb47hm8HRw5M73MEXOF
Xf75KkSqoxwbozzVqV05
=CVj3
—–END PGP SIGNATURE—–
—