Ubuntu alert USN-7041-1 (cups)
From: | Marc Deslauriers <marc.deslauriers@canonical.com> | |
To: | "ubuntu-security-announce@lists.ubuntu.com" <ubuntu-security-announce@lists.ubuntu.com> | |
Subject: | [USN-7041-1] CUPS vulnerability | |
Date: | Thu, 26 Sep 2024 17:56:16 -0400 | |
Message-ID: | <9c23f67e-d39e-4bfb-97ba-335b55ef07bd@canonical.com> |
========================================================================== Ubuntu Security Notice USN-7041-1 September 26, 2024 cups vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS Summary: CUPS could be made to crash or run programs if it received specially crafted network traffic. Software Description: - cups: Common UNIX Printing System(tm) Details: Simone Margaritelli discovered that CUPS incorrectly sanitized IPP data when creating PPD files. A remote attacker could possibly use this issue to manipulate PPD files and execute arbitrary code when a printer is used. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 24.04 LTS cups 2.4.7-1.2ubuntu7.3 Ubuntu 22.04 LTS cups 2.4.1op1-1ubuntu4.11 Ubuntu 20.04 LTS cups 2.3.1-9ubuntu1.9 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7041-1 CVE-2024-47175 Package Information: https://launchpad.net/ubuntu/+source/cups/2.4.7-1.2ubuntu7.3 https://launchpad.net/ubuntu/+source/cups/2.4.1op1-1ubunt... https://launchpad.net/ubuntu/+source/cups/2.3.1-9ubuntu1.9
Attachment: OpenPGP_signature.asc (type=application/pgp-signature)
-----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAmb12IEACgkQZWnYVadE vpMNWBAArjVVG8LlBIp+fi748Gh0dNi6jsmHM/HjyuX58RH9aY4fUoMCWLGWIK9l 7cLmijXRXr0ulmdnDnFaNepcpdEkpZbbX0h++eak9S3aIhjIfrOk+sy5h2XkhhUS I6KcWt3c+lPTjy4fxjZuil+cF500XQN6Y3lbxbIwBRyjHYb1pRnsoO9ePCuPksg+ t3IS7SGK7liBDuSY6MHljnSRwWOeWKKlw8ZnwPLH6yGOuJgjeDG5871Z+q8vsTk3 n32wuV023iZDNw0WYSOazhDVELu7+i6x729DRtVhixduEyF/3wu3j8KdxyPjLFnw Fv4TWFW0UlTGIiC2TEGhlzMZqaLd+JEP16Dfug89NmrXU+HjZFkvCbnJNeHWQtSw dGet+b+Hf88S2SIhMmK/9MEGQZbZkYRaUE7CqWPhfqinxsVqKBliyD7emndwvFJm UM3/4NU+fsOXXBOF68vcLF24JxKrN9hDxPXuOPJEVJiWPdhw6HxOXmeKwF8HzmhW vQCkx/IxnW2wDVWYLbJ8iKXE0oA8PDONyST82AjLCgnki1p56MWLG36p6pxF6QMg +jR9U4F4ynCzEU07QtCg3TEscY+6zETlydtq6ejypQIjOlOgTrvRf7tT6NFI+46c 4461ZHVdRhj2yfYpzTAqoKrXpa8OkpzEP8ocGV9YoTERkTnKAGg= =+2XM -----END PGP SIGNATURE-----
Attachment: None (type=text/plain)