Bug#807931: TEMP-0000000-166C73 code execution via improper escaping of ; in foomatic-rip

Control: forcemerge -1 807993 Le lundi 14 décembre 2015 à 23:33 +0100, deb...@jff-webhosting.net a écrit : > tags 807931 + pending > notfound 807931 foomatic-filters/4.0-20090301-1 > tags 807931 - patch - upstream > tags 807931 + fixed-upstream > severity 807931 normal > thanks > > Hallo Yann, >

Bug#807931: TEMP-0000000-166C73 code execution via improper escaping of ; in foomatic-rip

Le lundi, 14 décembre 2015, 23.33:54 Jörg Frings-Fürst a écrit : > Nevertheless, a few comments: > > - foomatic-filters/4.0-20090301-1 is not a valid version > in squeeze, wheezy, jessie, stretch and sid. That's not a problem though: this version has existed in Debian, and documenting from

Bug#807931: TEMP-0000000-166C73 code execution via improper escaping of ; in foomatic-rip

Control: tags -1 + patch Attached is the upstream patch with proper DEP-3 headers. Description: foomatic-rip: SECURITY FIX: Also consider the semicolon (';') as an illegal shell escape character. Author: Till Kamppeter Origin: upstream,

Bug#807931: TEMP-0000000-166C73 code execution via improper escaping of ; in foomatic-rip

Package: foomatic-filters Severity: important Tags: security upstream There is a patch upstream for this vulnerability: https://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7419.

Bug#807931: TEMP-0000000-166C73 code execution via improper escaping of ; in foomatic-rip

tags 807931 + pending notfound 807931 foomatic-filters/4.0-20090301-1 tags 807931 - patch - upstream tags 807931 + fixed-upstream severity 807931 normal thanks Hallo Yann, first thank you for spending your time helping to make Debian better with this bug report. Nevertheless, a few comments: