[v3.0] cups: incomplete fix for CVE-2014-3537 (CVE-2014-5029 CVE-2014-5030 CVE-2014-5031)
Incomplete fix for CVE-2014-3537 (http://www.cups.org/str.php?L4450) results in CVE-2014-5029/5030/5031.
Affected versions: could be CUPS before 1.7.4.
Patches are available for 2.0 and 1.7:
2.0: https://cups.org/strfiles.php/3370/str4455\_v2.patch
1.7: https://cups.org/strfiles.php/3371/str4455-1.7.patch
References:
https://cups.org/str.php?L4455
http://seclists.org/oss-sec/2014/q3/220
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5029
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5030
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5031
(from redmine: issue id 3254, created on 2014-07-29, closed on 2014-08-22)
- Relations:
- parent #3250 (closed)
- Changesets:
- Revision 9f63973f by Natanael Copa on 2014-07-29T14:11:20Z:
main/cups: security upgrade to 1.7.4 (CVE-2014-5029/5030/5031)
fixes #3254