Bug 1287523 - (CVE-2015-8327) CVE-2015-8327 cups-filters: foomatic-rip did not consider the back tick as an illegal shell escape character
CVE-2015-8327 cups-filters: foomatic-rip did not consider the back tick as an...
Status: NEW
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Red Hat Product Security
: Security
Depends On: 1301076 1301077
Blocks: 1287524
  Show dependency treegraph
Reported: 2015-12-02 04:33 EST by Martin Prpič
Modified: 2016-03-22 17:04 EDT (History)
2 users (show)

See Also:
Fixed In Version: cups-filters 1.2.0
Doc Type: Bug Fix
Doc Text:
It was discovered that foomatic-rip failed to remove all shell special characters from inputs used to construct command lines for external programs run by the filter. An attacker could possibly use this flaw to execute arbitrary commands.
Story Points: ---
Clone Of:
Last Closed:
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Martin Prpič 2015-12-02 04:33:21 EST
The following issue was fixed in the 1.2.0 release of cups-filters:

foomatic-rip: SECURITY FIX: Also consider the back tick ('`') as an illegal shell escape character. Thanks to Michal Kowalczyk from the Google Security Team for the hint (CVE-2015-8327).

External References:

Comment 1 Martin Prpič 2015-12-02 04:33:52 EST
Fixed in Fedora in:

Comment 2 Tomas Hoger 2015-12-02 05:12:38 EST
Upstream fix apparently is:


Plus a related change to add CVE to the NEWS file:


foomatic filters were only added to cups-filters in version 1.0.42:


So the affected code is not in cups-filters or cups packages as shipped in Red Hat Enterprise Linux 7 and earlier.  However, foomatic-filters are also packaged separately as foomatic package.
Comment 3 Tomas Hoger 2015-12-02 05:18:57 EST
foomatic in Fedora does not include foomatic-rip filter and require cups-filters:

Comment 7 errata-xmlrpc 2016-03-22 17:04:00 EDT
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6

Via RHSA-2016:0491 https://rhn.redhat.com/errata/RHSA-2016-0491.html

Note You need to log in before you can comment on or make changes to this bug.