UbuntuUpdates.org

Package "cups-server-common"

Name: cups-server-common

Description:

Common UNIX Printing System(tm) - server common files

Latest version: 2.4.1op1-1ubuntu4.11
Release: jammy (22.04)
Level: security
Repository: main
Head package: cups
Homepage: https://github.com/OpenPrinting/cups/

Links


Download "cups-server-common"


Other versions of "cups-server-common" in Jammy

Repository Area Version
base main 2.4.1op1-1ubuntu4
updates main 2.4.1op1-1ubuntu4.11

Changelog

Version: 2.4.1op1-1ubuntu4.4 2023-06-22 16:06:54 UTC

  cups (2.4.1op1-1ubuntu4.4) jammy-security; urgency=medium

  * SECURITY UPDATE: use-after-free in cupsdAcceptClient()
    - debian/patches/CVE-2023-34241.patch: log result of httpGetHostname
      BEFORE closing the connection in scheduler/client.c.
    - CVE-2023-34241
  * This package does _not_ contain the changes from 2.4.1op1-1ubuntu4.3 in
    jammy-proposed.

 -- Marc Deslauriers <email address hidden> Tue, 13 Jun 2023 08:17:22 -0400

Source diff to previous version
CVE-2023-34241 use-after-free in cupsdAcceptClient()

Version: 2.4.1op1-1ubuntu4.2 2023-06-01 13:07:12 UTC

  cups (2.4.1op1-1ubuntu4.2) jammy-security; urgency=medium

  * SECURITY UPDATE: DoS via buffer overflow in format_log_line
    - debian/patches/CVE-2023-32324.patch: check _cups_strlcpy size in
      cups/string.c.
    - CVE-2023-32324

 -- Marc Deslauriers <email address hidden> Thu, 25 May 2023 08:42:49 -0400

Source diff to previous version
CVE-2023-32324 Heap buffer overflow in cupsd

Version: 2.4.1op1-1ubuntu4.1 2022-05-31 15:06:35 UTC

  cups (2.4.1op1-1ubuntu4.1) jammy-security; urgency=medium

  * SECURITY UPDATE: Local authorization cert bypass
    - debian/patches/CVE-2022-26691-1.patch: fix string comparison in
      scheduler/cert.c.
    - debian/patches/CVE-2022-26691-2.patch: fix the comment in
      scheduler/cert.c.
    - CVE-2022-26691

 -- Marc Deslauriers <email address hidden> Fri, 27 May 2022 07:53:01 -0400

CVE-2022-26691 A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big



About   -   Send Feedback to @ubuntu_updates