blob: 6d72ef2e596830bbd8c2833cc1e0ff855cb1eaa8 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
|
<define-tag description>LTS security update</define-tag>
<define-tag moreinfo>
<p>It was discovered that there was an issue in the CUPS printer
framework where remote attackers could execute arbitrary commands by
sending POST requests to the CUPS daemon in conjunction with DNS
rebinding.</p>
<p>This was caused by a whitelisted <q>localhost.localdomain</q> entry.</p>
<p>For Debian 7 <q>Wheezy</q>, this issue has been fixed in cups version
1.5.3-5+deb7u7.</p>
<p>We recommend that you upgrade your cups packages.</p>
</define-tag>
# do not modify the following line
#include "$(ENGLISHDIR)/lts/security/2018/dla-1288.data"
# $Id: $
|
