Security
Security
CUPS leaks information about user names and passwords when using remote printing to SMB-shared printers which require authentication.
| Package | net-print/cups on all architectures |
|---|---|
| Affected versions | <= 1.1.20-r2 = 1.1.21 |
| Unaffected versions | revision >= 1.1.20-r3 >= 1.1.21-r1 |
The Common UNIX Printing System (CUPS) is a cross-platform print spooler.
When printing to a SMB-shared printer requiring authentication, CUPS leaks the user name and password to a logfile.
A local user could gain knowledge of sensitive authentication data.
There is no known workaround at this time.
All CUPS users should upgrade to the latest version:
# emerge sync # emerge -pv ">=net-print/cups-1.1.20-r3" # emerge ">=net-print/cups-1.1.20-r3"
Release date
October 09, 2004
Latest revision
October 09, 2004: 01
Severity
normal
Exploitable
local
Bugzilla entries