UbuntuUpdates.org

Package "cups-ppdc"

Name: cups-ppdc

Description:

Common UNIX Printing System(tm) - PPD manipulation utilities
Latest version: 2.4.12-0ubuntu1.6
Release: plucky (25.04)
Level: security
Repository: main
Head package: cups
Homepage: https://github.com/OpenPrinting/cups/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "cups-ppdc"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "cups-ppdc" in Plucky

Repository Area Version
base main 2.4.12-0ubuntu1
updates main 2.4.12-0ubuntu1.6

Changelog

Version: 2.4.12-0ubuntu1.6 2025-12-04 21:11:28 UTC

  cups (2.4.12-0ubuntu1.6) plucky-security; urgency=medium

  * SECURITY UPDATE: Slow client communication leads to a possible DoS
    attack
    - debian/patches/CVE-2025-58436-1.patch: fix unresponsive cupsd process
      caused by a slow client in cups/http-private.h, cups/http.c,
      cups/tls-openssl.c, scheduler/client.c, scheduler/client.h,
      scheduler/select.c.
    - debian/patches/CVE-2025-58436-2.patch: fix an infinite loop issue in
      GTK+ in cups/http.c.
    - CVE-2025-58436
  * SECURITY REGRESSION: issue with invalid configuration (LP: #2133207)
    - debian/patches/lp2133207.patch: fix stopping scheduler on unknown
      directive in scheduler/conf.c.

 -- Marc Deslauriers <email address hidden> Wed, 03 Dec 2025 09:42:19 -0500
Source diff to previous version
2133207 cups security update causes issues with invalid config file
CVE-2025-58436 OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to version 2.4.15, a client that connects

Version: 2.4.12-0ubuntu1.4 2025-11-27 19:55:43 UTC

  cups (2.4.12-0ubuntu1.4) plucky-security; urgency=medium

  * SECURITY UPDATE: Local denial-of-service via cupsd.conf update and
    related issues
    - debian/patches/CVE-2025-61915.patch: fix various issues in cupsd in
      conf/cups-files.conf.in, config-scripts/cups-defaults.m4,
      config.h.in, configure, doc/help/man-cups-files.conf.html,
      man/cups-files.conf.5, scheduler/auth.c, scheduler/auth.h,
      scheduler/client.c, scheduler/conf.c, test/run-stp-tests.sh,
      vcnet/config.h, xcode/CUPS.xcodeproj/project.pbxproj, xcode/config.h.
    - CVE-2025-61915

 -- Marc Deslauriers <email address hidden> Wed, 19 Nov 2025 09:23:27 -0500
Source diff to previous version

Version: 2.4.12-0ubuntu1.1 2025-09-11 18:07:09 UTC

  cups (2.4.12-0ubuntu1.1) plucky-security; urgency=medium

  * SECURITY UPDATE: authorization bypass
    - d/p/CVE-2025-58060.patch: only allow basic and kerberos authentication
      if it is enabled.
    - CVE-2025-58060
  * SECURITY UPDATE: remote DoS
    - d/p/CVE-2025-58364.patch: fix null dereference in ipp_read_io().
    - CVE-2025-58364

 -- Eduardo Barretto <email address hidden> Fri, 05 Sep 2025 17:32:37 +0200


About   -   Send Feedback to @ubuntu_updates