USN-6844-1 fixed vulnerabilities in the CUPS package. The update
lead to the discovery of a regression in CUPS with regards to
how the cupsd daemon handles Listen configuration directive.
This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
Rory McNamara discovered that when starting the cupsd server with a
Listen configuration item, the cupsd process fails to validate if
bind call passed. An attacker could possibly trick cupsd to perform
an arbitrary chmod of the provided argument, providing world-writable
access to the target.
More Stories
onnx-1.14.1-3.fc40
FEDORA-2024-d9c7181a19 Packages in this update: onnx-1.14.1-3.fc40 Update description: Security fix for CVE-2024-5187 Read More
squid-6.10-1.fc40
FEDORA-2024-110b39017e Packages in this update: squid-6.10-1.fc40 Update description: version update security update Read More
squid-6.10-1.fc39
FEDORA-2024-8ca9261bdd Packages in this update: squid-6.10-1.fc39 Update description: version update security update Read More
wordpress-6.5.5-1.fc39
FEDORA-2024-89d685e856 Packages in this update: wordpress-6.5.5-1.fc39 Update description: WordPress 6.5.5 Maintenance & Security Release Security updates included in this release...
wordpress-6.5.5-1.fc40
FEDORA-2024-6a4ffde369 Packages in this update: wordpress-6.5.5-1.fc40 Update description: WordPress 6.5.5 Maintenance & Security Release Security updates included in this release...
wordpress-6.5.5-1.el9
FEDORA-EPEL-2024-e1546d5caf Packages in this update: wordpress-6.5.5-1.el9 Update description: WordPress 6.5.5 Maintenance & Security Release Security updates included in this release...