CVE-2009-5067

Name	CVE-2009-5067
Description	Directory traversal vulnerability in html2ps before 1.0b6 allows remote attackers to read arbitrary files via a .. (dot dot) in the "include file" SSI directive. NOTE: this issue only might be a vulnerability in limited scenarios, such as if html2ps is invoked by a web application, or if a user-assisted attacker provides filenames whose contents could cause a denial of service, such as certain devices.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs	548633

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
html2ps (PTS)	buster	1.0b7-3	fixed
	bullseye	1.0b7-4	fixed
	sid, trixie, bookworm	1.0b7-6	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
html2ps	source	(unstable)	1.0b7-1	low		548633

[squeeze] - html2ps <no-dsa> (Minor issue)