From aliz@gentoo.org Sun Dec 29 14:47:52 2002 From: Daniel Ahlberg To: full-disclosure@lists.netsys.com Date: Sun, 29 Dec 2002 14:35:20 +0100 Subject: [Full-Disclosure] GLSA: cups -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - -------------------------------------------------------------------- GENTOO LINUX SECURITY ANNOUNCEMENT 200212-13 - - -------------------------------------------------------------------- PACKAGE : cups SUMMARY : multiple cups vulnerbilities DATE    : 2002-12-29 13:12 UTC EXPLOIT : remote and local - - -------------------------------------------------------------------- - From iDEFENSE advisory: "Exploitation of multiple CUPS vulnerabilities allow local and remote attackers in the worst of the scenarios to gain root privileges." Read the full advisory at http://www.idefense.com/advisory/12.19.02.txt SOLUTION It is recommended that all Gentoo Linux users who are running net-print/cups-1.1.17_pre20021025 or earlier update their systems as follows: emerge rsync emerge cups emerge clean - - -------------------------------------------------------------------- aliz@gentoo.org - GnuPG key is available at www.gentoo.org/~aliz lordvan@gentoo.org - - -------------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+DvoLfT7nyhUpoZMRAh8YAJ4lvCiGG5XfVvbpoKfzkKvj0geBygCeJRh1 XYhpQT4S3rWtJu33t3ouuSI= =Qel0 -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html