Package "cups-common"

Name:	cups-common
Description:	Common UNIX Printing System(tm) - common files
Latest version:	2.4.7-1.2ubuntu7.9
Release:	noble (24.04)
Level:	security
Repository:	main
Head package:	cups
Homepage:	https://github.com/OpenPrinting/cups/

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Download "cups-common"

All arch deb package

APT INSTALL

Other versions of "cups-common" in Noble

Repository	Area	Version
base	main	2.4.7-1.2ubuntu7
updates	main	2.4.7-1.2ubuntu7.9

Changelog

Version: 2.4.7-1.2ubuntu7.9 2025-12-04 21:11:27 UTC

cups (2.4.7-1.2ubuntu7.9) noble-security; urgency=medium * SECURITY UPDATE: Slow client communication leads to a possible DoS attack - debian/patches/CVE-2025-58436-1.patch: fix unresponsive cupsd process caused by a slow client in cups/http-private.h, cups/http.c, cups/tls-openssl.c, scheduler/client.c, scheduler/client.h, scheduler/select.c. - debian/patches/CVE-2025-58436-2.patch: fix an infinite loop issue in GTK+ in cups/http.c. - CVE-2025-58436 * SECURITY REGRESSION: issue with invalid configuration (LP: #2133207) - debian/patches/lp2133207.patch: fix stopping scheduler on unknown directive in scheduler/conf.c. -- Marc Deslauriers <email address hidden> Wed, 03 Dec 2025 09:43:23 -0500

Source diff to previous version

2133207	cups security update causes issues with invalid config file
CVE-2025-58436	OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to version 2.4.15, a client that connects

Version: 2.4.7-1.2ubuntu7.7 2025-11-27 19:55:36 UTC

Version: 2.4.7-1.2ubuntu7.7	2025-11-27 19:55:36 UTC
cups (2.4.7-1.2ubuntu7.7) noble-security; urgency=medium * SECURITY UPDATE: Local denial-of-service via cupsd.conf update and related issues - debian/patches/CVE-2025-61915.patch: fix various issues in cupsd in conf/cups-files.conf.in, config-scripts/cups-defaults.m4, config.h.in, configure, doc/help/man-cups-files.conf.html, man/cups-files.conf.5, scheduler/auth.c, scheduler/auth.h, scheduler/client.c, scheduler/conf.c, test/run-stp-tests.sh, vcnet/config.h, xcode/CUPS.xcodeproj/project.pbxproj, xcode/config.h. - CVE-2025-61915 -- Marc Deslauriers <email address hidden> Wed, 19 Nov 2025 09:25:04 -0500
Source diff to previous version

cups (2.4.7-1.2ubuntu7.7) noble-security; urgency=medium * SECURITY UPDATE: Local denial-of-service via cupsd.conf update and related issues - debian/patches/CVE-2025-61915.patch: fix various issues in cupsd in conf/cups-files.conf.in, config-scripts/cups-defaults.m4, config.h.in, configure, doc/help/man-cups-files.conf.html, man/cups-files.conf.5, scheduler/auth.c, scheduler/auth.h, scheduler/client.c, scheduler/conf.c, test/run-stp-tests.sh, vcnet/config.h, xcode/CUPS.xcodeproj/project.pbxproj, xcode/config.h. - CVE-2025-61915 -- Marc Deslauriers <email address hidden> Wed, 19 Nov 2025 09:25:04 -0500

Source diff to previous version

Version: 2.4.7-1.2ubuntu7.4	2025-09-11 18:07:08 UTC
`cups (2.4.7-1.2ubuntu7.4) noble-security; urgency=medium * SECURITY UPDATE: authorization bypass - d/p/CVE-2025-58060.patch: only allow basic and kerberos authentication if it is enabled. - CVE-2025-58060 * SECURITY UPDATE: remote DoS - d/p/CVE-2025-58364.patch: fix null dereference in ipp_read_io(). - CVE-2025-58364 -- Eduardo Barretto <email address hidden> Fri, 05 Sep 2025 17:58:36 +0200`
Source diff to previous version

Version: 2.4.7-1.2ubuntu7.3 2024-09-26 22:06:53 UTC

Version: 2.4.7-1.2ubuntu7.3	2024-09-26 22:06:53 UTC
cups (2.4.7-1.2ubuntu7.3) noble-security; urgency=medium * SECURITY UPDATE: PPD injection issues (LP: #2082335) - debian/patches/sec-202409-1.patch: validate URIs, attribute names, and capabilities in cups/ppd-cache.c, scheduler/ipp.c. - debian/patches/sec-202409-2.patch: sanitize make and model in cups/ppd-cache.c. - debian/patches/sec-202409-3.patch: PPDize preset and template names in cups/ppd-cache.c. - debian/patches/sec-202409-4.patch: quote PPD localized strings in cups/ppd-cache.c. - debian/patches/sec-202409-5.patch: fix warnings in cups/ppd-cache.c. - CVE number pending -- Marc Deslauriers <email address hidden> Thu, 26 Sep 2024 07:15:36 -0400
Source diff to previous version

cups (2.4.7-1.2ubuntu7.3) noble-security; urgency=medium * SECURITY UPDATE: PPD injection issues (LP: #2082335) - debian/patches/sec-202409-1.patch: validate URIs, attribute names, and capabilities in cups/ppd-cache.c, scheduler/ipp.c. - debian/patches/sec-202409-2.patch: sanitize make and model in cups/ppd-cache.c. - debian/patches/sec-202409-3.patch: PPDize preset and template names in cups/ppd-cache.c. - debian/patches/sec-202409-4.patch: quote PPD localized strings in cups/ppd-cache.c. - debian/patches/sec-202409-5.patch: fix warnings in cups/ppd-cache.c. - CVE number pending -- Marc Deslauriers <email address hidden> Thu, 26 Sep 2024 07:15:36 -0400

Source diff to previous version

Version: 2.4.7-1.2ubuntu7.2 2024-06-28 13:07:13 UTC

cups (2.4.7-1.2ubuntu7.2) noble-security; urgency=medium * SECURITY REGRESSION: early exit on missing listen directive - d/p/fix-scheduler-start-if-only-domain-socket-to-listen.patch: don't exit if no valid Listen or Port found (LP: #2070315) -- Sudhakar Verma <email address hidden> Thu, 27 Jun 2024 19:17:32 +0530

2070315

error in /etc/cups/cupsd.conf from today's patch

About - Send Feedback to @ubuntu_updates

Package "cups-common"

Links

Download "cups-common"

Other versions of "cups-common" in Noble

Changelog

Share this page

Bookmarks

Latest updates

proposed

PPA updates