From Mageia wiki
MGASA-2012-0310
| Date: | October 29th, 2012 |
| Affected releases: | 2 |
Description:
Updated cups-pk-helper package fixes security vulnerability:
cups-pk-helper, a PolicyKit helper to configure CUPS with fine-grained
privileges, wraps CUPS function calls in an insecure way. This could lead
to uploading sensitive data to a CUPS resource, or overwriting specific
files with the content of a CUPS resource. The user would have to
explicitly approve the action (CVE-2012-4510).
Updated Packages:
cups-pk-helper-0.2.1-1.1.mga2
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4510
http://www.debian.org/security/2012/dsa-2562
https://bugs.mageia.org/show_bug.cgi?id=7895
