blob: eda1b60d3faf577716585cccd8d7dc7c4d93990f (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
|
<define-tag description>LTS security update</define-tag>
<define-tag moreinfo>
<p>Adam Chester discovered that there was an injection vulnerability in
foomatic-filters which is used by printer spoolers to convert
incoming PostScript data into the printer's native format. This
could lead to the execution of arbitrary commands.</p>
<p>The patch applied in <a href="./dla-365">DLA 365-1</a> prevented usage of (unescaped) backticks
and this update complements the previous update by doing the same for
semi-colons.</p>
<p>For Debian 6 Squeeze, this issue has been fixed in foomatic-filters
version 4.0.5-6+squeeze2+deb6u12.</p>
<p>(Thanks to Yann Soubeyrand who prepared the updated Debian package)</p>
</define-tag>
# do not modify the following line
#include "$(ENGLISHDIR)/lts/security/2015/dla-371.data"
# $Id$
|
