Mandriva Linux Security Advisory 2015-100 - Florian Weimer discovered that cups-filters incorrectly handled memory in the urftopdf filter. An attacker could possibly use this issue to execute arbitrary code with the privileges of the lp user. Florian Weimer discovered that cups-filters incorrectly handled memory in the pdftoopvp filter. Various other issues where also addressed.
7f312cada7ef4fe1709a37c3131bcc60a0c6ae0baefe7518dff2e7a96f7746ca
Red Hat Security Advisory 2014-1795-01 - The cups-filters package contains backends, filters, and other software that was once part of the core CUPS distribution but is now maintained independently. An out-of-bounds read flaw was found in the way the process_browse_data() function of cups-browsed handled certain browse packets. A remote attacker could send a specially crafted browse packet that, when processed by cups-browsed, would crash the cups-browsed daemon. A flaw was found in the way the cups-browsed daemon interpreted the "BrowseAllow" directive in the cups-browsed.conf file. An attacker able to add a malformed "BrowseAllow" directive to the cups-browsed.conf file could use this flaw to bypass intended access restrictions.
f4f080cd92162d6b8cb4a45568f8878ea79052302e9b3d47c111c48687f25f33