Security update for cups-filters SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2015:1244-1 Final 1 1 2015-07-07T07:36:11Z current 2015-07-07T07:36:11Z 2015-07-07T07:36:11Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for cups-filters cups-filters was updated to fix three security issues. These security issues were fixed: - CVE-2015-2265: The remove_bad_chars function in utils/cups-browsed.c in cups-filters before 1.0.66 allowed remote IPP printers to execute arbitrary commands via consecutive shell metacharacters in the (1) model or (2) PDL. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2707 (bsc#921753). - CVE-2015-3279: Texttopdf integer overflow (incomplete fix for CVE-2015-3258) (bsc#937018). - CVE-2015-3258: Texttopdf heap-based buffer overflow (bsc#936281). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) http://lists.opensuse.org/opensuse-updates/2015-07/msg00033.html E-Mail link for openSUSE-SU-2015:1244-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE 13.2 cups-filters-1.0.58-2.7.1 cups-filters-cups-browsed-1.0.58-2.7.1 cups-filters-cups-browsed-debuginfo-1.0.58-2.7.1 cups-filters-debuginfo-1.0.58-2.7.1 cups-filters-debugsource-1.0.58-2.7.1 cups-filters-devel-1.0.58-2.7.1 cups-filters-foomatic-rip-1.0.58-2.7.1 cups-filters-foomatic-rip-debuginfo-1.0.58-2.7.1 cups-filters-ghostscript-1.0.58-2.7.1 cups-filters-ghostscript-debuginfo-1.0.58-2.7.1 cups-filters-1.0.58-2.7.1 as a component of openSUSE 13.2 cups-filters-cups-browsed-1.0.58-2.7.1 as a component of openSUSE 13.2 cups-filters-cups-browsed-debuginfo-1.0.58-2.7.1 as a component of openSUSE 13.2 cups-filters-debuginfo-1.0.58-2.7.1 as a component of openSUSE 13.2 cups-filters-debugsource-1.0.58-2.7.1 as a component of openSUSE 13.2 cups-filters-devel-1.0.58-2.7.1 as a component of openSUSE 13.2 cups-filters-foomatic-rip-1.0.58-2.7.1 as a component of openSUSE 13.2 cups-filters-foomatic-rip-debuginfo-1.0.58-2.7.1 as a component of openSUSE 13.2 cups-filters-ghostscript-1.0.58-2.7.1 as a component of openSUSE 13.2 cups-filters-ghostscript-debuginfo-1.0.58-2.7.1 as a component of openSUSE 13.2 The remove_bad_chars function in utils/cups-browsed.c in cups-filters before 1.0.66 allows remote IPP printers to execute arbitrary commands via consecutive shell metacharacters in the (1) model or (2) PDL. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2707. CVE-2015-2265 openSUSE 13.2:cups-filters-1.0.58-2.7.1 openSUSE 13.2:cups-filters-cups-browsed-1.0.58-2.7.1 openSUSE 13.2:cups-filters-cups-browsed-debuginfo-1.0.58-2.7.1 openSUSE 13.2:cups-filters-debuginfo-1.0.58-2.7.1 openSUSE 13.2:cups-filters-debugsource-1.0.58-2.7.1 openSUSE 13.2:cups-filters-devel-1.0.58-2.7.1 openSUSE 13.2:cups-filters-foomatic-rip-1.0.58-2.7.1 openSUSE 13.2:cups-filters-foomatic-rip-debuginfo-1.0.58-2.7.1 openSUSE 13.2:cups-filters-ghostscript-1.0.58-2.7.1 openSUSE 13.2:cups-filters-ghostscript-debuginfo-1.0.58-2.7.1 moderate Please Install the update. http://lists.opensuse.org/opensuse-updates/2015-07/msg00033.html https://www.suse.com/security/cve/CVE-2015-2265.html CVE-2015-2265 https://bugzilla.suse.com/921753 SUSE Bug 921753 https://bugzilla.suse.com/937018 SUSE Bug 937018 Heap-based buffer overflow in the WriteProlog function in filter/texttopdf.c in texttopdf in cups-filters before 1.0.70 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a small line size in a print job. CVE-2015-3258 openSUSE 13.2:cups-filters-1.0.58-2.7.1 openSUSE 13.2:cups-filters-cups-browsed-1.0.58-2.7.1 openSUSE 13.2:cups-filters-cups-browsed-debuginfo-1.0.58-2.7.1 openSUSE 13.2:cups-filters-debuginfo-1.0.58-2.7.1 openSUSE 13.2:cups-filters-debugsource-1.0.58-2.7.1 openSUSE 13.2:cups-filters-devel-1.0.58-2.7.1 openSUSE 13.2:cups-filters-foomatic-rip-1.0.58-2.7.1 openSUSE 13.2:cups-filters-foomatic-rip-debuginfo-1.0.58-2.7.1 openSUSE 13.2:cups-filters-ghostscript-1.0.58-2.7.1 openSUSE 13.2:cups-filters-ghostscript-debuginfo-1.0.58-2.7.1 moderate Please Install the update. http://lists.opensuse.org/opensuse-updates/2015-07/msg00033.html https://www.suse.com/security/cve/CVE-2015-3258.html CVE-2015-3258 https://bugzilla.suse.com/921753 SUSE Bug 921753 https://bugzilla.suse.com/936281 SUSE Bug 936281 https://bugzilla.suse.com/937018 SUSE Bug 937018 Integer overflow in filter/texttopdf.c in texttopdf in cups-filters before 1.0.71 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted line size in a print job, which triggers a heap-based buffer overflow. CVE-2015-3279 openSUSE 13.2:cups-filters-1.0.58-2.7.1 openSUSE 13.2:cups-filters-cups-browsed-1.0.58-2.7.1 openSUSE 13.2:cups-filters-cups-browsed-debuginfo-1.0.58-2.7.1 openSUSE 13.2:cups-filters-debuginfo-1.0.58-2.7.1 openSUSE 13.2:cups-filters-debugsource-1.0.58-2.7.1 openSUSE 13.2:cups-filters-devel-1.0.58-2.7.1 openSUSE 13.2:cups-filters-foomatic-rip-1.0.58-2.7.1 openSUSE 13.2:cups-filters-foomatic-rip-debuginfo-1.0.58-2.7.1 openSUSE 13.2:cups-filters-ghostscript-1.0.58-2.7.1 openSUSE 13.2:cups-filters-ghostscript-debuginfo-1.0.58-2.7.1 moderate Please Install the update. http://lists.opensuse.org/opensuse-updates/2015-07/msg00033.html https://www.suse.com/security/cve/CVE-2015-3279.html CVE-2015-3279 https://bugzilla.suse.com/921753 SUSE Bug 921753 https://bugzilla.suse.com/936281 SUSE Bug 936281 https://bugzilla.suse.com/937018 SUSE Bug 937018