{"id":"MGASA-2014-0021","summary":"Updated cups packages fix a security vulverability","details":"Updated cups packages fix security vulnerability:\n\nJann Horn discovered that the CUPS lppasswd tool incorrectly read a user\nconfiguration file in certain configurations. A local attacker could use\nthis to read sensitive information from certain files, bypassing access\nrestrictions (CVE-2013-6891).\n","modified":"2026-04-16T06:26:18.526484750Z","published":"2014-01-21T16:19:37Z","upstream":["CVE-2013-6891"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2014-0021.html"},{"type":"WEB","url":"http://www.cups.org/str.php?L4319"},{"type":"WEB","url":"http://www.ubuntu.com/usn/usn-2082-1/"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=12257"}],"affected":[{"package":{"name":"cups","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/cups?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.5.4-9.1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0021.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}