Processed: retitle 807930 to cups-filters: CVE-2015-8560: code execution via improper escaping of ; in foomatic-rip

Processing commands for cont...@bugs.debian.org: > retitle 807930 cups-filters: CVE-2015-8560: code execution via improper > escaping of ; in foomatic-rip Bug #807930 [cups-filters] cups-filters: code execution via improper escaping of ; in foomatic-rip Changed Bug title to 'cups-filters: CVE-20

Re: cups-filters 1.4.0 released!

On 12/14/2015 10:06 PM, Samuel Thibault wrote: Hello, Till Kamppeter, on Mon 14 Dec 2015 21:52:45 -0200, wrote: Note that this time I have already done everything in the Debian GIT repository, as for the Braille embossing support there is a new dependency on liblouis and a lot of new files. J

Re: cups-filters 1.4.0 released!

Hello, Till Kamppeter, on Mon 14 Dec 2015 21:52:45 -0200, wrote: > Note that this time I have already done everything in the Debian GIT > repository, as for the Braille embossing support there is a new dependency > on liblouis and a lot of new files. Just a little more change: the cups-filters pa

Re: CVE Request: Cups Filters/Foomatic Filters: Does not consider semicolon as an illegal shell escape character

On 12/14/2015 07:32 PM, cve-ass...@mitre.org wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 There was another commit in cups-filters upstream (revision 7419) as well adding (;) to the set of illegal shell escape characters: http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-fi

Bug#807930: TEMP-0000000-166C73 code execution via improper escaping of ; in foomatic-rip

On 12/14/2015 01:30 PM, Didier 'OdyX' Raboud wrote: I'm likely to wait for 1.4.0 upstream release for an upload to unstable, and will then prepare the package for jessie (if the Security Team agrees). I have 1.4.0 released upstream now, including the fix. I have also updated the Debian packagi

cups-filters 1.4.0 released!

Hi, I have released cups-filters 1.4.0 now, with the following changes: - foomatic-rip: SECURITY FIX: Also consider the semicolon (';') as an illegal shell escape character. Thanks to Adam Chester (adam dot chester at pentest dot co dot uk) for the hint (CVE

Bug#807930: cups-filters: code execution via improper escaping of ; in foomatic-rip

Attached is the upstream patch with proper DEP-3 headers. If you need help to prepare the packages for Jessie and Wheezy, feel free to ask me ;-) Cheers Description: foomatic-rip: SECURITY FIX: Also consider the semicolon (';') as an illegal shell escape character. Author: Till Kamppeter Origin

Processed: your mail

Processing commands for cont...@bugs.debian.org: > found 807930 1.0.42-1 Bug #807930 [cups-filters] cups-filters: code execution via improper escaping of ; in foomatic-rip Ignoring request to alter found versions of bug #807930 to the same values previously set > notfound 807930 1.3.0-1 Bug #807

Processed (with 2 errors): your mail

Processing commands for cont...@bugs.debian.org: > found 807930 1.0.42-1 Bug #807930 [cups-filters] cups-filters: code execution via improper escaping of ; in foomatic-rip Marked as found in versions cups-filters/1.0.42-1. > notfound 1.3.0-1 Unknown command or malformed arguments to command. > no

Processed: retitle 807930 to cups-filters: code execution via improper escaping of ; in foomatic-rip

Processing commands for cont...@bugs.debian.org: > # please don't use TEMP identifiers > retitle 807930 cups-filters: code execution via improper escaping of ; in > foomatic-rip Bug #807930 [cups-filters] TEMP-000-166C73 code execution via improper escaping of ; in foomatic-rip Changed Bug t

Processed (with 5 errors): your mail

Processing commands for cont...@bugs.debian.org: > found 807930 1.0.61-5+deb8u2 Bug #807930 [cups-filters] TEMP-000-166C73 code execution via improper escaping of ; in foomatic-rip Marked as found in versions cups-filters/1.0.61-5+deb8u2. > Ce message et toutes les pièces jointes (ci-après le

Processed: your mail

Processing commands for cont...@bugs.debian.org: > found 807930 1.3.0-1 Bug #807930 [cups-filters] TEMP-000-166C73 code execution via improper escaping of ; in foomatic-rip Marked as found in versions cups-filters/1.3.0-1. > notfound 807930 1.0.18-2.1+deb7u2 Bug #807930 [cups-filters] TEMP-00

Bug#807930: TEMP-0000000-166C73 code execution via improper escaping of ; in foomatic-rip

Control: tags -1 +patch +upstream +fixed-upstream Le lundi, 14 décembre 2015, 15.45:31 Yann Soubeyrand a écrit : > There is a patch upstream for this vulnerability: > https://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7419. Thanks for the hint. I'm likely to wait for 1

Processed: Re: Bug#807930: TEMP-0000000-166C73 code execution via improper escaping of ; in foomatic-rip

Processing control commands: > tags -1 +patch +upstream +fixed-upstream Bug #807930 [cups-filters] TEMP-000-166C73 code execution via improper escaping of ; in foomatic-rip Added tag(s) patch. Bug #807930 [cups-filters] TEMP-000-166C73 code execution via improper escaping of ; in foomati

Bug#807930: TEMP-0000000-166C73 code execution via improper escaping of ; in foomatic-rip

Package: cups-filters Severity: important Tags: security upstream There is a patch upstream for this vulnerability: https://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7419.