Edgar Fuß <ef%math.uni-bonn.de@localhost> writes: > Is someone working on the recent CUPS vulnerabilities? Apparently not :( > My impression is that applying > https://www.cups.org/strfiles.php/3482/str4609-1.5.patch > would fix print/cups15, while print/cups could be updated from 2.0.2 > to 2.0.3. wiz just did 2.0.3, based on a PR by Leonardo Taccari. > Is this (for 2014Q4) the correct way of fixing print/cups15? Looks good to me, so I applied it to cups15. It would be good to hear From soeone else who has looked into this enough to be sure that's right and who has tested the new version. Until them, I an hesitant to ask for a pullup (and 2015Q1 stops getting updates on 7/1 anyway). Really I'd like to get cups 2 in good enough shape that there is no reason for anyone to want to run cups15....
Attachment:
pgpu99ksZu2lB.pgp
Description: PGP signature