Nom du paquet
html2ps
Date
2013-04-05
Advisory ID
MDVSA-2013:041
Affected versions
MBS1 x86_64

Problem description

A vulnerability has been found and corrected in html2ps:

Directory traversal vulnerability in html2ps before 1.0b7 allows
remote attackers to read arbitrary files via directory traversal
sequences in SSI directives (CVE-2009-5067).

The updated packages have been upgraded to the 1.0b7 version which
is not affected by this issue.

Updated packages

MBS1 x86_64

 8c8192f3507c328bf2ee3abc548e696d  mbs1/x86_64/html2ps-2.0-2.b7.1.mbs1.noarch.rpm
 13991211e93cec835d5030b46b38aa45  mbs1/x86_64/xhtml2ps-2.0-2.b7.1.mbs1.noarch.rpm 
 a7e550c28526dab8acb0afdcde70f98a  mbs1/SRPMS/html2ps-2.0-2.b7.1.mbs1.src.rpm

References