Date: Sun, 13 Dec 2015 09:02:26 +0100 From: Salvatore Bonaccorso <carnil@...ian.org> To: OSS Security Mailinglist <oss-security@...ts.openwall.com> Cc: CVE Assignments MITRE <cve-assign@...re.org>, Adam Chester <adam.chester@...test.co.uk>, Till Kamppeter <till.kamppeter@...il.com> Subject: CVE Request: Cups Filters/Foomatic Filters: Does not consider semicolon as an illegal shell escape character Hi CVE-2015-8327 was assigned to cups-filters/foomatic-rip since it does not consider the back ticks as an illegal shell escape character and allowing code execution. There was another commit in cups-filters upstream (revision 7419) as well adding (;) to the set of illegal shell escape characters: http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7419 an was found by Adam Chester. Could you assign a CVE for this issue as well? Regards, Salvatore
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ