14 DAY TRIAL // Canonical has announced in a security notice that a CUPS vulnerability has been found and fixed in Ubuntu 14.04 LTS, Ubuntu 12.04 LTS, and Ubuntu 10.04 LTS operating systems.
All the supported Ubuntu releases have been affected by this issue, although Ubuntu 10.04 LTS is actually the server edition. The developers have explained that CUPS could have been made to expose sensitive information, which would lead to privilege escalation.
According to the security notice, "Salvatore Bonaccorso discovered that the CUPS web interface incorrectly validated permissions and incorrectly handled symlinks. An attacker could possibly use this issue to bypass file permissions and read arbitrary files, possibly leading to a privilege escalation."
For a more detailed description of the problems, you can see Canonical's security notification. Users should upgrade their Linux distribution in order to correct this issue.
The flaw can be fixed if you upgrade your system(s) to the latest CUPS package specific to each distribution. To apply the patch, you can simply run the Update Manager application.
If you don't want to use the integrate Update Manager, you can enter these commands in a terminal (you will need to be root);
sudo apt-get update sudo apt-get dist-upgrade
In general, a standard system update will make all the necessary changes.