Package name
cups
Date
2014-01-22
Advisory ID
MDVSA-2014:015
Affected versions
MBS1 x86_64

Problem description

Updated cups packages fix security vulnerability:

Jann Horn discovered that the CUPS lppasswd tool incorrectly read a
user configuration file in certain configurations. A local attacker
could use this to read sensitive information from certain files,
bypassing access restrictions (CVE-2013-6891).

Updated packages

MBS1 x86_64

 a6646cbe1804c5d62e37197b3ec90ec8  mbs1/x86_64/cups-1.5.4-1.3.mbs1.x86_64.rpm
 fa20903729498ec8fbd29c6585abaa9a  mbs1/x86_64/cups-common-1.5.4-1.3.mbs1.x86_64.rpm
 aca4ef10b72a067ab3a7fb36df3fa5d3  mbs1/x86_64/cups-serial-1.5.4-1.3.mbs1.x86_64.rpm
 d30e3298fe8a3c1f9b8faf86d08b26e0  mbs1/x86_64/lib64cups2-1.5.4-1.3.mbs1.x86_64.rpm
 281b77cf4c621cd2afd865f9349b7c90  mbs1/x86_64/lib64cups2-devel-1.5.4-1.3.mbs1.x86_64.rpm
 49ea22c6a06c0c71069fe8fa1a7c405c  mbs1/x86_64/php-cups-1.5.4-1.3.mbs1.x86_64.rpm 
 8d940ef3c9ba290046e5120c1e0eb884  mbs1/SRPMS/cups-1.5.4-1.3.mbs1.src.rpm

References