Nixpkgs security tracker

Untriaged

Permalink CVE-2011-2924

created 2 months ago Activity log

Created suggestion 2 months ago

foomatic-rip filter v4.0.12 and prior used insecurely creates temporary files …

foomatic-rip filter v4.0.12 and prior used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges of the user running the foomatic-rip universal print filter.

References

https://security-tracker.debian.org/tracker/CVE-2011-2924 x_transferredx_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2924 x_transferredx_refsource_MISC
https://access.redhat.com/security/cve/cve-2011-2924 x_transferredx_refsource_MISC
https://www.openwall.com/lists/oss-security/2014/02/08/5/1 x_transferredx_refsource_MISC
https://lwn.net/Articles/459979/ x_transferredx_refsource_MISC
https://launchpad.net/ubuntu/+source/foomatic-filters/4.0.12-1 x_transferredx_refsource_MISC

Affected products

foomatic-filters

==4.0.12 and prior

Matching in nixpkgs

pkgs.foomatic-filters

Foomatic printing filters

nixos-unstable 4.0.17
- nixpkgs-unstable 4.0.17
- nixos-unstable-small 4.0.17
nixos-25.11 4.0.17
- nixos-25.11-small 4.0.17
- nixpkgs-25.11-darwin 4.0.17

Package maintainers

@7c6f434c Michael Raskin <7c6f434c@mail.ru>

Suggestion detail

References

Affected products

Matching in nixpkgs

pkgs.foomatic-filters

Package maintainers