Ubuntu alert USN-7912-2 (cups)
| From: | noreply+usn-bot@canonical.com | |
| To: | ubuntu-security-announce@lists.ubuntu.com | |
| Subject: | [USN-7912-2] CUPS vulnerability | |
| Date: | Thu, 04 Dec 2025 20:35:34 +0000 | |
| Message-ID: | <E1vRG34-0006e0-BS@lists.ubuntu.com> |
========================================================================== Ubuntu Security Notice USN-7912-2 December 04, 2025 cups vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: CUPS could be made to stop responding if it received specially crafted network traffic. Software Description: - cups: Common UNIX Printing System(tm) Details: USN-7912-1 fixed vulnerabilities in CUPS. This update provides the corresponding update for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: Johannes Meixner and Paul Zirnik discovered that CUPS incorrectly handled clients that send messages slowly. A remote attacker could possibly use this issue to cause CUPS to stop responding, resulting in a denial of service. (CVE-2025-58436) In addition, this update fixes a regression introduced in USN-7897-1 which resulted in certain invalid configuration file directives to cause the CUPS daemon to fail to start. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS cups 2.3.1-9ubuntu1.9+esm4 Available with Ubuntu Pro cups-daemon 2.3.1-9ubuntu1.9+esm4 Available with Ubuntu Pro Ubuntu 18.04 LTS cups 2.2.7-1ubuntu2.10+esm10 Available with Ubuntu Pro cups-daemon 2.2.7-1ubuntu2.10+esm10 Available with Ubuntu Pro Ubuntu 16.04 LTS cups 2.1.3-4ubuntu0.11+esm12 Available with Ubuntu Pro cups-daemon 2.1.3-4ubuntu0.11+esm12 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7912-2 https://ubuntu.com/security/notices/USN-7912-1 CVE-2025-58436, https://launchpad.net/bugs/2133207
Attachment: signature.asc (type=application/pgp-signature)
-----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEE+8neBLO2Hp/ppPlOcpJm3tlzhgEFAmkx7Q8ACgkQcpJm3tlz hgEA/RAAngYqzSoOx95cPx/ocpxmL4K/5nn6BPx4HVTIlui/6YXFB4UCuzuJh584 LSN+AOHXw86wXI27wSpcdnVnJUXm82Ns/Vntcsvzinp0RZWy3QxHban/L94AZEtj 8ZQ0UsxjJs+ZJpw+WcKSosP9j0ANvpXLl0iMM+6PtYwb6GSsDA/Vr0j3gczKzTnk SJ2pBul5SDnGd+VFsB5feV2QhVbUnJ5NX2RzijXh34r5OysKpWbTgGiO0a7AJZxT YhlioW4iM+mVqJU+R1SS6rgljJ3a13bHapvXmT6JUK/9NAeKWpy2iVaAnPQbYvTu VKIlar20cLt1GLcWaqxWx6pSNX2BiLHfHHtqlSVbGAOLVrtXfUskaFb5sEUvRKX+ gpT/ce/uzFs8Fzxu7PeoFOrMIgS9R5ExX2Ygc7qgpAhJOPvFTpydeR4vamk9Ni3p tG5Riqr2leCzbWOrRb/ZS2jtcMIPeb9HG/29oigdaKQoGBBbZmvl6gRbGLO1mHwJ 3TasipKnSfiT7kRzE6ujtH8++xlSX9eHcQAxSEVX+7qSaqGOa0Nqci3LI6VUesiz MM6wwvPF2sfWcUUfAGl9tzCQQNiB9ejvaJom+q2LEFAKhcKukL76WjSB3cXZL9Yf n6Huf21lqRM6hI631ywBvlWVotS1AS4YVy+WHify4TQO6xnttko= =wr7M -----END PGP SIGNATURE-----