-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3429-1 security@xxxxxxxxxx https://www.debian.org/security/ Salvatore Bonaccorso December 21, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : foomatic-filters CVE ID : CVE-2015-8327 CVE-2015-8560 Debian Bug : 806886 807993 Michal Kowalczyk and Adam Chester discovered that missing input sanitising in the foomatic-rip print filter might result in the execution of arbitrary commands. For the oldstable distribution (wheezy), these problems have been fixed in version 4.0.17-1+deb7u1. For the stable distribution (jessie), these problems have been fixed in version 4.0.17-5+deb8u1. For the unstable distribution (sid), these problems have been fixed in version 4.0.17-7. We recommend that you upgrade your foomatic-filters packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@xxxxxxxxxxxxxxxx -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJWeEE+AAoJEAVMuPMTQ89EMqoP/R0az90cDSfPJdCG534KMRGL JXgzJsvo8HV7ez4pi/3gJS3uJB1H7oAgsr5DVpn1H7b0ur30NKbxCe+JUoBOWhSw kSXYBH59v/RFL3y3V253qGDbhpyhFk2iyWOK9OgRfMClLGOQIKWu8wiBxO1BS7wa OITdatU1UQdRO5beygPRf/JgtIAJ+GMJ+oeUOkRcICpawfIny6IGmgsPiYmZ1nL4 RS8dCqttKYmp92Er0JZSAzUdgC8Br78+IuN1PEir3GohNAFZLGXEIuPgW962VMag BEqeWATPB1TxLc5Jiw9zaTPD3KNM8kU0N1n3AiONfDRMVCL4XPjZGbTvydLk5eit MGNs+1PXsfsNZa3Hz9QHd72o+zDL+BjmzZMEklRsMIUQDnz5Vui9Er2CX2kGltYg 9OSwt0gvKyomf0bzTVYbU+oxO3E2Ebg5dhRKJxCgxr9UV0XxOIFmCGbi5G/9r9wT LjBmx9dZbUp6Pb4dm93LVbLFY5xMHNQ4TYKaOd49C9u+4S3mq/GTs8GWr5mJFFBO oqJlkMlYsW2xuFNSJibku7HwVR3OYqUAwgiCDtRCroPR/3RPugg/uzPn2eGf16E9 3JiSl9tDTWg0HlntBJy8QFKLrTdi5myuki/OeXvZ/cHFCBs7x+s4sR22J9NaekvS Zr5vPTs/l5D+x9ri4UnA =P4XZ -----END PGP SIGNATURE-----
