oss-sec mailing list archives
Re: Privilege escalation (lpadmin -> root) in cups
From: Yves-Alexis Perez <corsac () debian org>
Date: Sun, 11 Nov 2012 20:29:41 +0100
On sam., 2012-11-10 at 14:01 +0100, Yves-Alexis Perez wrote:
On sam., 2012-11-10 at 13:49 +0100, Yves-Alexis Perez wrote:Hi, a Debian user reported a bug in our BTS concerning cupsd. The bug is available at http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692791 and upstream bug at http://www.cups.org/str.php?L4223 (restricted because it's tagged security).By the way, it seems that the CUPS security contact at http://oss-security.openwall.org/wiki/software#cups doesn't work, I just received a bounce. Does someone know a mail address to reach them?
Followup on that: I had the information by the person reporting the bug #4223. He had an answer there that the security contact for Apple was security () apple com and the one for CUPS was security () cups org (which was notified because the bug was tagged security). I've edited the wiki to correct the information there. Regards, -- Yves-Alexis
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- Privilege escalation (lpadmin -> root) in cups Yves-Alexis Perez (Nov 10)
- Re: Privilege escalation (lpadmin -> root) in cups Yves-Alexis Perez (Nov 10)
- Re: Privilege escalation (lpadmin -> root) in cups Yves-Alexis Perez (Nov 11)
- Re: Privilege escalation (lpadmin -> root) in cups Kurt Seifried (Nov 10)
- Re: Privilege escalation (lpadmin -> root) in cups Yves-Alexis Perez (Nov 11)
- Re: Privilege escalation (lpadmin -> root) in cups Sean Amoss (Nov 13)
- Re: Privilege escalation (lpadmin -> root) in cups Yves-Alexis Perez (Nov 10)