Security update to LPRng

16

Author: JT Smith

Posted at LWN.net: The LPRng port, versions prior to 3.6.26, contains a potential vulnera-
bility which may allow root compromise from both local and remote systems.
The vulnerability is due to incorrect usage of the syslog(3) function.
Local and remote users can send string-formatting operators to the print-
er daemon to corrupt the daemon’s execution, potentially gaining root
access.

Category:

  • Linux