Univention Bugzilla – Full Text Bug Listing |
Summary: | cups: Multiple issues (4.0) | ||
---|---|---|---|
Product: | UCS | Reporter: | Arvid Requate <requate> |
Component: | Security updates | Assignee: | Felix Botner <botner> |
Status: | CLOSED FIXED | QA Contact: | Daniel Tröder <troeder> |
Severity: | normal | ||
Priority: | P5 | CC: | gohmann, walkenhorst |
Version: | UCS 4.0 | Flags: | requate:
Patch_Available+
|
Target Milestone: | UCS 4.0-3-errata | ||
Hardware: | Other | ||
OS: | Linux | ||
What kind of report is it?: | --- | What type of bug is this?: | --- |
Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
User Pain: | Enterprise Customer affected?: | ||
School Customer affected?: | ISV affected?: | ||
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | Bug group (optional): | Security | |
Max CVSS v3 score: |
Description
Arvid Requate
2015-02-16 17:24:37 CET
Fixed in upstream Debian package version 1.5.3-5+deb7u5 Fixed in upstream Debian package version 1.5.3-5+deb7u6: * Improper Update of Reference Count (CVE-2015-1158) * Cross-Site Scripting (CVE-2015-1159) cups 1.5.3-5+deb7u6 imported from wheezy and built in errata4.0-3. YAML: 2015-09-11-cups.yaml OK: DEBIAN_FRONTEND=noninteractive apt-get install -y cups OK: /usr/share/doc/cups/changelog.Debian.gz OK: r63647 + r63650 / 2015-09-11-cups.yaml / CVEs OK: Test: apt-get install cups-pdf, ssh 10.200.3.18 -L 10631:localhost:631, add pdf-printer, print test page, download and check → CUPS test page was prperly printed |