UbuntuUpdates.org

Package "cups"

Name: cups

Description:

Common UNIX Printing System(tm) - PPD/driver support, web interface

Latest version: 2.4.2-3ubuntu2.5
Release: lunar (23.04)
Level: updates
Repository: main
Homepage: https://github.com/OpenPrinting/cups/

Links


Download "cups"


Other versions of "cups" in Lunar

Repository Area Version
base main 2.4.2-3ubuntu2
security main 2.4.2-3ubuntu2.5

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2.4.2-3ubuntu2.5 2023-09-20 17:07:57 UTC

  cups (2.4.2-3ubuntu2.5) lunar-security; urgency=medium

  * SECURITY UPDATE: Postscript parsing heap overflow
    - debian/patches/CVE-2023-4504.patch: properly check for end of buffer
      in cups/raster-interpret.c.
    - CVE-2023-4504

 -- Marc Deslauriers <email address hidden> Fri, 15 Sep 2023 07:16:41 -0400

Source diff to previous version
CVE-2023-4504 Postscript parsing heap-based buffer overflow

Version: 2.4.2-3ubuntu2.4 2023-09-12 21:09:12 UTC

  cups (2.4.2-3ubuntu2.4) lunar-security; urgency=medium

  * SECURITY UPDATE: recently printed documents authentication issue
    - debian/patches/CVE-2023-32360.patch: require authentication for
      CUPS-Get-Document in conf/cupsd.conf.in.
    - CVE-2023-32360

 -- Marc Deslauriers <email address hidden> Mon, 11 Sep 2023 12:27:52 -0400

Source diff to previous version
CVE-2023-32360 An authentication issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventu

Version: 2.4.2-3ubuntu2.2 2023-06-22 15:07:01 UTC

  cups (2.4.2-3ubuntu2.2) lunar-security; urgency=medium

  * SECURITY UPDATE: use-after-free in cupsdAcceptClient()
    - debian/patches/CVE-2023-34241.patch: log result of httpGetHostname
      BEFORE closing the connection in scheduler/client.c.
    - CVE-2023-34241

 -- Marc Deslauriers <email address hidden> Tue, 13 Jun 2023 08:15:36 -0400

Source diff to previous version
CVE-2023-34241 use-after-free in cupsdAcceptClient()

Version: 2.4.2-3ubuntu2.1 2023-06-01 14:07:20 UTC

  cups (2.4.2-3ubuntu2.1) lunar-security; urgency=medium

  * SECURITY UPDATE: DoS via buffer overflow in format_log_line
    - debian/patches/CVE-2023-32324.patch: check _cups_strlcpy size in
      cups/string.c.
    - CVE-2023-32324

 -- Marc Deslauriers <email address hidden> Thu, 25 May 2023 08:37:20 -0400

CVE-2023-32324 Heap buffer overflow in cupsd



About   -   Send Feedback to @ubuntu_updates