Your submission was sent successfully! Close

USN-2210-1: cups-filters vulnerability

8 May 2014

Several security issues were fixed in cups-filters.

Releases

Packages

Details

Sebastian Krahmer discovered that cups-browsed incorrectly filtered remote
printer names and strings. A remote attacker could use this issue to
possibly execute arbitrary commands. (CVE-2014-2707)

Johannes Meixner discovered that cups-browsed ignored invalid BrowseAllow
directives. This could cause it to accept browse packets from all hosts,
contrary to intended configuration.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 14.04

In general, a standard system update will make all the necessary changes.

References