openSUSE Security Update : cups-filters (openSUSE-2015-492)
High Nessus Plugin ID 84756
SynopsisThe remote openSUSE host is missing a security update.
Descriptioncups-filters was updated to fix three security issues.
These security issues were fixed :
- CVE-2015-2265: The remove_bad_chars function in utils/cups-browsed.c in cups-filters before 1.0.66 allowed remote IPP printers to execute arbitrary commands via consecutive shell metacharacters in the (1) model or (2) PDL. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2707 (bsc#921753).
- CVE-2015-3279: Texttopdf integer overflow (incomplete fix for CVE-2015-3258) (bsc#937018).
- CVE-2015-3258: Texttopdf heap-based buffer overflow (bsc#936281).
SolutionUpdate the affected cups-filters packages.