{"id":"MGASA-2015-0132","summary":"Updated cups-filters packages fix CVE-2015-2265","details":"Updated cups-filters package fixes security vulnerability:\n\ncups-browsed in cups-filters before 1.0.66 contained a bug in the\nremove_bad_chars() function, where it failed to reliably filter out illegal\ncharacters if there were two or more subsequent illegal characters, allowing\nexecution of arbitrary commands with the rights of the \"lp\" user, using forged\nprint service announcements on DNS-SD servers (CVE-2015-2265).\n","modified":"2026-04-16T06:23:09.276110826Z","published":"2015-04-04T10:45:56Z","upstream":["CVE-2015-2265"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2015-0132.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=15424"},{"type":"REPORT","url":"https://bugs.linuxfoundation.org/show_bug.cgi?id=1265"},{"type":"WEB","url":"http://www.ubuntu.com/usn/usn-2532-1/"}],"affected":[{"package":{"name":"cups-filters","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/cups-filters?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0.53-1.1.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0132.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}