From Mageia wiki
MGASA-2012-0297
Date: | October 16th, 2012 |
Affected releases: | 1, 2 |
Description:
Updated html2ps packages fix security vulnerability:
Directory traversal vulnerability in html2ps before 1.0b7 allows
remote attackers to read arbitrary files via directory traversal
sequences in SSI directives (CVE-2009-5067).
Updated Packages:
Mageia 1:
html2ps-2.0-2.b7.1.mga1
xhtml2ps-2.0-2.b7.1.mga1
Mageia 2:
html2ps-2.0-2.b7.1.mga2
xhtml2ps-2.0-2.b7.1.mga2
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5067
http://www.mandriva.com/en/support/security/advisories/?dis=2011&name=MDVSA-2012:161
https://bugs.mageia.org/show_bug.cgi?id=7722