Debian has issued an advisory on December 2: https://www.debian.org/security/2015/dsa-3411 Patched package uploaded for Mageia 5. This was already fixed in Cauldron. Advisory: ======================== Updated cups-filters package fixes security vulnerability: Michal Kowalczyk discovered that missing input sanitising in the foomatic-rip print filter might result in the execution of arbitrary commands (CVE-2015-8327). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8327 https://www.debian.org/security/2015/dsa-3411 ======================== Updated packages in core/updates_testing: ======================== cups-filters-1.0.71-1.1.mga5 libcups-filters1-1.0.71-1.1.mga5 libcups-filters-devel-1.0.71-1.1.mga5 from cups-filters-1.0.71-1.1.mga5.src.rpm Reproducible: Steps to Reproduce:
On mga5-64 Installed updates from testing: $ rpm -qa | grep cups-filters lib64cups-filters1-1.0.71-1.1.mga5 cups-filters-1.0.71-1.1.mga5 Updates installed cleanly. My HP printer continues to function normally. OK for mga5-64
Whiteboard: (none) => MGA5-64-OK
Keywords: (none) => validated_updateWhiteboard: MGA5-64-OK => MGA5-64-OK advisoryCC: (none) => davidwhodgins, sysadmin-bugs
An update for this issue has been pushed to Mageia Updates repository. http://advisories.mageia.org/MGASA-2015-0465.html
Status: NEW => RESOLVEDResolution: (none) => FIXED