Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Mon, 14 Dec 2015 21:58:13 -0200
From: Till Kamppeter <till.kamppeter@...il.com>
To: cve-assign@...re.org, carnil@...ian.org
Cc: oss-security@...ts.openwall.com, adam.chester@...test.co.uk,
 Debian Printing Team <Debian-printing@...ts.debian.org>
Subject: Re: CVE Request: Cups Filters/Foomatic Filters: Does not consider
 semicolon as an illegal shell escape character

On 12/14/2015 07:32 PM, cve-assign@...re.org wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
>> There was another commit in cups-filters upstream (revision 7419) as
>> well adding (;) to the set of illegal shell escape characters:
>>
>> http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7419
>
> Use CVE-2015-8560.

Thank you very much. I have released cups-filters 1.4.0 upstream now 
with reference to this CVE in the NEWS file.

    Till

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ