CUPS leaks information about user names and passwords when using remote printing to SMB-shared printers which require authentication.
|Package||net-print/cups on all architectures|
|Affected versions||<= 1.1.20-r2, = 1.1.21|
|Unaffected versions||revision >= 1.1.20-r3, >= 1.1.21-r1|
The Common UNIX Printing System (CUPS) is a cross-platform print spooler.
When printing to a SMB-shared printer requiring authentication, CUPS leaks the user name and password to a logfile.
A local user could gain knowledge of sensitive authentication data.
There is no known workaround at this time.
All CUPS users should upgrade to the latest version:
# emerge sync # emerge -pv ">=net-print/cups-1.1.20-r3" # emerge ">=net-print/cups-1.1.20-r3"
October 09, 2004
October 09, 2004: 01