USN-7043-1: cups-filters vulnerabilities

Read Time:33 Second

Simone Margaritelli discovered that the cups-filters cups-browsed component
could be used to create arbitrary printers from outside the local network.
In combination with issues in other printing components, a remote attacker
could possibly use this issue to connect to a system, created manipulated
PPD files, and execute arbitrary code when a printer is used. This update
disables support for the legacy CUPS printer discovery protocol.
(CVE-2024-47176)

Simone Margaritelli discovered that cups-filters incorrectly sanitized IPP
data when creating PPD files. A remote attacker could possibly use this
issue to manipulate PPD files and execute arbitrary code when a printer is
used. (CVE-2024-47076)

Read More

USN-7042-1: cups-browsed vulnerability

Read Time:19 Second

Simone Margaritelli discovered that cups-browsed could be used to create
arbitrary printers from outside the local network. In combination with
issues in other printing components, a remote attacker could possibly use
this issue to connect to a system, created manipulated PPD files, and
execute arbitrary code when a printer is used. This update disables support
for the legacy CUPS printer discovery protocol.

Read More

chromium-129.0.6668.70-1.fc41

Read Time:17 Second

FEDORA-2024-8008ddbd4e

Packages in this update:

chromium-129.0.6668.70-1.fc41

Update description:

Update to 129.0.6668.70

High CVE-2024-9120: Use after free in Dawn
High CVE-2024-9121: Inappropriate implementation in V8
High CVE-2024-9122: Type Confusion in V8
High CVE-2024-9123: Integer overflow in Skia

Read More