Mandriva Linux Security Advisory : a2ps (MDVSA-2014:076)
Medium Nessus Plugin ID 73467
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionUpdated a2ps packages fix security vulnerability :
Brian M. Carlson reported that a2ps's fixps script does not invoke gs with the -dSAFER option. Consequently executing fixps on a malicious PostScript file could result in files being deleted or arbitrary commands being executed with the privileges of the user running fixps (CVE-2014-0466).
SolutionUpdate the affected a2ps, a2ps-devel and / or a2ps-static-devel packages.