MDVSA-2012:161
- Package name
- html2ps
- Date
- 2012-10-06
- Advisory ID
- MDVSA-2012:161
- Affected versions
- 2011 i586 , 2011 x86_64
Problem description
A vulnerability has been found and corrected in html2ps:
Directory traversal vulnerability in html2ps before 1.0b7 allows
remote attackers to read arbitrary files via directory traversal
sequences in SSI directives (CVE-2009-5067).
The updated packages have been upgraded to the 1.0b7 version which
is not affected by this issue.
Updated packages
2011 i586
a0ef74f6f963d98fc4305994bf810dbf 2011/i586/html2ps-2.0-2.b7.0.1-mdv2011.0.noarch.rpm fc582a56f07cdce61aabec91ed261870 2011/i586/xhtml2ps-2.0-2.b7.0.1-mdv2011.0.noarch.rpm 93aa1dc24c23c205360f5513816353d3 2011/SRPMS/html2ps-2.0-2.b7.0.1.src.rpm
2011 x86_64
528aa56f1547da9a385cf1ef01445e73 2011/x86_64/html2ps-2.0-2.b7.0.1-mdv2011.0.noarch.rpm 7c167fb40bc2655231eafe734c738a4d 2011/x86_64/xhtml2ps-2.0-2.b7.0.1-mdv2011.0.noarch.rpm 93aa1dc24c23c205360f5513816353d3 2011/SRPMS/html2ps-2.0-2.b7.0.1.src.rpm