UbuntuUpdates.org

Package "libcupsimage2"

Name: libcupsimage2

Description:

Common UNIX Printing System(tm) - Raster image library
Latest version: 2.4.1op1-1ubuntu4.16
Release: jammy (22.04)
Level: updates
Repository: main
Head package: cups
Homepage: https://github.com/OpenPrinting/cups/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "libcupsimage2"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "libcupsimage2" in Jammy

Repository Area Version
base main 2.4.1op1-1ubuntu4
security main 2.4.1op1-1ubuntu4.16

Changelog

Version: 2.4.1op1-1ubuntu4.9 2024-06-24 14:07:13 UTC

  cups (2.4.1op1-1ubuntu4.9) jammy-security; urgency=medium

  * SECURITY UPDATE: cupsd listen arbitrary chmod 0140777
    - debian/patches/CVE-2024-35235.patch: validate status of unlink and bind
      in cups/http-addr.c
    - CVE-2024-35235

 -- Sudhakar Verma <email address hidden> Fri, 21 Jun 2024 00:32:50 +0530
Source diff to previous version
CVE-2024-35235 OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.8 and earlier, when starting the

Version: 2.4.1op1-1ubuntu4.8 2024-03-07 19:07:05 UTC

  cups (2.4.1op1-1ubuntu4.8) jammy; urgency=medium

  * The "lpoptions" utility, when run as root was writing into the file
    /root/.cups/lpoptions instread of /etc/cups/lpoptions. System software
    should never write into /root/ (LP: #2052925).

 -- Till Kamppeter <email address hidden> Wed, 14 Feb 2023 14:10:00 +0100
Source diff to previous version
2052925 lpoptions -d as root

Version: 2.4.1op1-1ubuntu4.7 2023-09-20 17:07:55 UTC

  cups (2.4.1op1-1ubuntu4.7) jammy-security; urgency=medium

  * SECURITY UPDATE: Postscript parsing heap overflow
    - debian/patches/CVE-2023-4504.patch: properly check for end of buffer
      in cups/raster-interpret.c.
    - CVE-2023-4504

 -- Marc Deslauriers <email address hidden> Fri, 15 Sep 2023 07:19:58 -0400
Source diff to previous version
CVE-2023-4504 Postscript parsing heap-based buffer overflow

Version: 2.4.1op1-1ubuntu4.6 2023-09-13 01:07:12 UTC

  cups (2.4.1op1-1ubuntu4.6) jammy-security; urgency=medium

  * SECURITY UPDATE: recently printed documents authentication issue
    - debian/patches/CVE-2023-32360.patch: require authentication for
      CUPS-Get-Document in conf/cupsd.conf.in.
    - CVE-2023-32360

 -- Marc Deslauriers <email address hidden> Mon, 11 Sep 2023 12:29:43 -0400
Source diff to previous version
CVE-2023-32360 An authentication issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventu

Version: 2.4.1op1-1ubuntu4.4 2023-06-22 17:06:58 UTC

  cups (2.4.1op1-1ubuntu4.4) jammy-security; urgency=medium

  * SECURITY UPDATE: use-after-free in cupsdAcceptClient()
    - debian/patches/CVE-2023-34241.patch: log result of httpGetHostname
      BEFORE closing the connection in scheduler/client.c.
    - CVE-2023-34241
  * This package does _not_ contain the changes from 2.4.1op1-1ubuntu4.3 in
    jammy-proposed.

 -- Marc Deslauriers <email address hidden> Tue, 13 Jun 2023 08:17:22 -0400
CVE-2023-34241 use-after-free in cupsdAcceptClient()


About   -   Send Feedback to @ubuntu_updates