cups: incomplete fix for CVE-2014-3537 (CVE-2014-5029 CVE-2014-5030 CVE-2014-5031)
Incomplete fix for CVE-2014-3537 (http://www.cups.org/str.php?L4450) results in CVE-2014-5029/5030/5031.
Affected versions: could be CUPS before 1.7.4.
Patches are available for 2.0 and 1.7:
2.0: https://cups.org/strfiles.php/3370/str4455\_v2.patch
1.7: https://cups.org/strfiles.php/3371/str4455-1.7.patch
References:
https://cups.org/str.php?L4455
http://seclists.org/oss-sec/2014/q3/220
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5029
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5030
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5031
(from redmine: issue id 3250, created on 2014-07-29, closed on 2014-08-22)
- Relations:
- child #3251 (closed)
- child #3252 (closed)
- child #3253 (closed)
- child #3254 (closed)