oss-sec mailing list archives
Re: foomatic file loading from cwd
From: Kurt Seifried <kseifried () redhat com>
Date: Wed, 18 Feb 2015 14:46:07 -0700
With apologies, this should have been made public some time ago however it fell through the cracks. This is a low severity issue, it requires significant attack/victim interaction and local access. This was assigned CVE-2013-6500 https://bugzilla.redhat.com/show_bug.cgi?id=995090
With apologies please REJECT CVE-2013-6500, this issue is not in foomatic. There may be an issue in Perl Encode however whether or not it is a security issue (or simply "broken by design" is up for debate. -- Kurt Seifried -- Red Hat -- Product Security -- Cloud PGP A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
Attachment:
signature.asc
Description: OpenPGP digital signature
Current thread:
- foomatic file loading from cwd Kurt Seifried (Feb 04)
- <Possible follow-ups>
- Re: foomatic file loading from cwd Kurt Seifried (Feb 18)