DSA-1933-1 cups -- missing input sanitisingID: oval:org.secpod.oval:def:600366 | Date: (C)2011-05-13 (M)2024-01-02 |
Class: PATCH | Family: unix |
Aaron Siegel discovered that the web interface of cups, the Common UNIX Printing System, is prone to cross-site scripting attacks. For the stable distribution , this problem has been fixed in version 1.3.8-1+lenny7. For the oldstable distribution , this problem has been fixed in version 1.2.7-4+etch9. For the testing distribution and the unstable distribution , this problem will be fixed soon. We recommend that you upgrade your cups packages.