Unix News Tutorials Events and Stuff: [USN-7044-1] libcupsfilters vulnerability

Thursday, September 26, 2024

[USN-7044-1] libcupsfilters vulnerability

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAmb12NsACgkQZWnYVadE
vpNtTBAAh5igk4n/9ouikW16Ae4YTVrpVnCgC6yR9DzG323KqfgtMI73EQ3+duos
QRWqcZ9CGYZi5aMHfR0lyvpmP3bik55tusiFABt8wAre0PpXE1+Mm5mz/x5MBmEK
NRL3SBT+T7j7JFAxklpy/3Wrpfn/2+DroHOrs7tM5Dol47RZ/B0/eErGKVy9Iz5R
B7XkI+rZriiMC1gwsdQfT5enNaInSx5/vGKwYdRBGWI8rGvHRNihIJ6x+hhVN3Ba
ngXWS3OcdDiws6qFtM/ycYCx2zyi6wdNqbTYAQ5EOf8S+A5/ntq2bf9sXf4mpdw8
c//Uh2OW5rpxGVzR5uJd7FscxERv2ifw6ktUJcG3Y3cJ18+SD/jgE5XOQ9SFXfIs
iD0X05+OkCtpWk9iZkdK1ksg7u9r3J1GJDVuK8tioAfV6hXsH8E3EnUPhERafzQz
GfTcJ2yQ/ptKacw5JJBfmBMwiAP4w1Y8ud2v8UFp+ekU389rysQfr1rDckrHzzPe
eZ4Ec3XZ6wlkoTw1AYJ6jfQ1LPy2alHzIxqVgNTdhGSlOIb/pPL46x0D/PSYv39l
TydlRkmBXgkWPAnqxf4Cl/YE46DS2B63FOgzxS5krcLFs+5vmMD7CCC8Tj5ZeiBH
Rnl2GJEc9ZMKMmPdtXjaiLtfApLkSJgDyy4fSoFwEeUon1n2o+g=
=60LF
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-7044-1
September 26, 2024

libcupsfilters vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.04 LTS

Summary:

libcupsfilters could be made to run programs if it received specially
crafted network traffic.

Software Description:
- libcupsfilters: OpenPrinting libcupsfilters

Details:

Simone Margaritelli discovered that libcupsfilters incorrectly sanitized
IPP data when creating PPD files. A remote attacker could possibly use this
issue to manipulate PPD files and execute arbitrary code when a printer is
used.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.04 LTS
libcupsfilters2-common 2.0.0-0ubuntu7.1
libcupsfilters2t64 2.0.0-0ubuntu7.1

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-7044-1
CVE-2024-47076

Package Information:
https://launchpad.net/ubuntu/+source/libcupsfilters/2.0.0-0ubuntu7.1

Thursday, September 26, 2024

[USN-7044-1] libcupsfilters vulnerability

No comments:

Post a Comment