Ted Mwai teddymwai

Original report

Affected Vendor: OpenPrinting
Affected Product: Several components of the CUPS printing system: cups-browsed, libppd, libcupsfilters and cups-filters.
Affected Version: All versions <= 2.0.1 (latest release) and master.
Significant ICS/OT impact? no
Reporter: Simone Margaritelli [[email protected]]
Vendor contacted? yes The vendor has been notified trough Github Advisories and all bugs have been confirmed:

	# ruby's git repo investigation zsh one-liner-ish thingy
	# (a starting point for investigating anomalous contributions in git repositories)

	echo "$(find . -type f ! -size 0 ! -path './.git*' -exec grep -IL . "{}" \;)" \| \
	sed -e "s/^\.\///g" \| \
	while read line; \
	do \
	echo ">>>>>>>>$line"; \
	echo "$(git log --follow --find-renames=40% --pretty=format:"%ad%x0A%h%x0A%an%x20<%ae>%x0A%s" -- "$line" \| head -n 4)"; \
	commitdates="$(git log --follow --find-renames=40% --pretty=format:"%ae" -- "$line" \| head -n 1 \| xargs -I {} git log --author={} --pretty=format:"%ad")"; \

	start path "C:\Windows\notepad.exe"
	g
	? .thread_intercept_thread = 0;
	? .target_pid = $pid;
	? .target_tid = 0;
	? .target_allocation_address = 0;
	? .target_allocation_size = 0;
	? .is_commited = 0;

	!sysret stage post script {

	rule swivelload_bin
	{
	meta:
	description = "Swivelload"
	author = "James_inthe_box"
	reference = "https://app.any.run/tasks/34b3dc00-a855-49a0-a4be-0bc38b9007b9"
	date = "2021/10"
	maltype = "Loader"

	strings: