14 DAY TRIAL // Canonical has published details in a security notice about a CUPS vulnerability that has been fixed in Ubuntu 14.04 LTS, Ubuntu 12.04 LTS, and Ubuntu 10.04 LTS operating systems.
All the supported Ubuntu releases have been affected by this issue, although Ubuntu 10.04 LTS is actually the server edition. It might seem like this CUPS problem only affects the LTS versions, but right now these are the only ones that are still supported by Canonical, at least until Ubuntu 14.10 is released in October.
According to the security notice, “Francisco Alonso discovered that the CUPS web interface incorrectly validated permissions on rss files. A local attacker could possibly use this issue to bypass file permissions and read arbitrary files, possibly leading to a privilege escalation.”
For a more detailed description of the problems, you can see Canonical's security notification. Users should upgrade their Linux distribution in order to correct this issue. This is not a major vulnerability, but it needed to be closed nonetheless.
The flaw can be fixed if you upgrade your system(s) to the latest CUPS package specific to each distribution. To apply the patch, you can simply run the Update Manager application.
In general, a standard system update will make all the necessary changes.