UbuntuUpdates.org

Package "cups-ipp-utils"

Name: cups-ipp-utils

Description:

Common UNIX Printing System(tm) - IPP developer/admin utilities

Latest version: 2.3.1-9ubuntu1.6
Release: focal (20.04)
Level: security
Repository: main
Head package: cups
Homepage: https://www.cups.org/

Links


Download "cups-ipp-utils"


Other versions of "cups-ipp-utils" in Focal

Repository Area Version
base main 2.3.1-9ubuntu1
updates main 2.3.1-9ubuntu1.6

Changelog

Version: 2.3.1-9ubuntu1.6 2023-09-20 16:08:29 UTC

  cups (2.3.1-9ubuntu1.6) focal-security; urgency=medium

  * SECURITY UPDATE: Postscript parsing heap overflow
    - debian/patches/CVE-2023-4504.patch: properly check for end of buffer
      in cups/raster-interpret.c.
    - CVE-2023-4504

 -- Marc Deslauriers <email address hidden> Fri, 15 Sep 2023 07:20:26 -0400

Source diff to previous version
CVE-2023-4504 Postscript parsing heap-based buffer overflow

Version: 2.3.1-9ubuntu1.5 2023-09-12 19:08:00 UTC

  cups (2.3.1-9ubuntu1.5) focal-security; urgency=medium

  * SECURITY UPDATE: recently printed documents authentication issue
    - debian/patches/CVE-2023-32360.patch: require authentication for
      CUPS-Get-Document in conf/cupsd.conf.in.
    - CVE-2023-32360

 -- Marc Deslauriers <email address hidden> Mon, 11 Sep 2023 12:30:19 -0400

Source diff to previous version
CVE-2023-32360 An authentication issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventu

Version: 2.3.1-9ubuntu1.4 2023-06-22 13:07:01 UTC

  cups (2.3.1-9ubuntu1.4) focal-security; urgency=medium

  * SECURITY UPDATE: use-after-free in cupsdAcceptClient()
    - debian/patches/CVE-2023-34241.patch: log result of httpGetHostname
      BEFORE closing the connection in scheduler/client.c.
    - CVE-2023-34241

 -- Marc Deslauriers <email address hidden> Tue, 13 Jun 2023 08:17:47 -0400

Source diff to previous version

Version: 2.3.1-9ubuntu1.3 2023-06-01 13:07:08 UTC

  cups (2.3.1-9ubuntu1.3) focal-security; urgency=medium

  * SECURITY UPDATE: DoS via buffer overflow in format_log_line
    - debian/patches/CVE-2023-32324.patch: check _cups_strlcpy size in
      cups/string.c.
    - CVE-2023-32324

 -- Marc Deslauriers <email address hidden> Thu, 25 May 2023 08:43:14 -0400

Source diff to previous version
CVE-2023-32324 Heap buffer overflow in cupsd

Version: 2.3.1-9ubuntu1.2 2022-05-31 15:06:24 UTC

  cups (2.3.1-9ubuntu1.2) focal-security; urgency=medium

  * SECURITY UPDATE: buffer overflow in ippReadIO
    - debian/patches/CVE-2019-8842.patch: fix check in cups/ipp.c.
    - CVE-2019-8842
  * SECURITY UPDATE: buffer overflow in ippReadIO
    - debian/patches/CVE-2020-10001.patch: fix bounds checks in cups/ipp.c.
    - CVE-2020-10001
  * SECURITY UPDATE: Local authorization cert bypass
    - debian/patches/CVE-2022-26691-1.patch: fix string comparison in
      scheduler/cert.c.
    - debian/patches/CVE-2022-26691-2.patch: fix the comment in
      scheduler/cert.c.
    - CVE-2022-26691

 -- Marc Deslauriers <email address hidden> Fri, 27 May 2022 10:51:54 -0400

CVE-2019-8842 A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Se
CVE-2020-10001 An input validation issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina,
CVE-2022-26691 A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big



About   -   Send Feedback to @ubuntu_updates