Univention Bugzilla – Bug 33278
cups: Privilege Escalation
Last modified: 2014-11-26 06:55:01 CET
+++ This bug was initially created as a clone of Bug #29197 +++ Mitglieder der Gruppe lpadmin können über das Cups-Webinterface Root-Rechte erlangen (CVE-2012-5519) The group is empty by default, so this should only affect special UCS setups. The fix provided in http://www.debian.org/security/2013/dsa-2600 is not directly applicable to UCS: It splits some configuration options from /etc/cups/cupsd.conf into a separate cups-files.conf, which can can be edited by root. We would need to modify that in the UCR templates, which should rather be done for 3.2 The patch from http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692791#46 is another alternative; is disallows editing of /etc/cups/cupsd.conf from the web interface (which trashes the setting written from the template, so it's the better fix anyway).
This will be fixed in 4.0 when we update the UCR templates for CUPS to the new version in Wheezy.
Update config (cupsd.conf, cups-files.conf, cups-pdf.conf)files.
OK: only cupsd.conf editable. Changelog: OK
UCS 4.0-0 has been released: http://docs.univention.de/release-notes-4.0-0-en.html http://docs.univention.de/release-notes-4.0-0-de.html If this error occurs again, please use "Clone This Bug".