blob: d4a087d0d78f6b04e7550b5d329664d6056abb8b (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
|
cups (1.5.3-2.7) unstable; urgency=low
In order to mitigate a privilege escalation from the lpadmin to root
(CVE-2012-5519), the /etc/cups/cupsd.conf configuration file is split
in two configuration files:
* /etc/cups/cupsd.conf can be edited by members of the lpadmin group
through the cups web interface;
* /etc/cups/cups-files.conf can only be edited by root;
Many sensitive configuration statements can now only be set in
cups-files.conf. No statements have been moved automatically. Please
check the respective manpages.
-- Didier Raboud <odyx@debian.org> Tue, 04 Dec 2012 12:13:14 +0100
|
