USN-6844-2: CUPS regression

Read Time:27 Second

USN-6844-1 fixed vulnerabilities in the CUPS package. The update
lead to the discovery of a regression in CUPS with regards to
how the cupsd daemon handles Listen configuration directive.
This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:
Rory McNamara discovered that when starting the cupsd server with a
Listen configuration item, the cupsd process fails to validate if
bind call passed. An attacker could possibly trick cupsd to perform
an arbitrary chmod of the provided argument, providing world-writable
access to the target.

Generated by Feedzy

Cyber Security News

Mobile Political Spam Surges Threefold For 2024 Election

Chrome Update Will Block Entrust Certificates by November 2024

Ransomware Attack Demands Reach a Staggering $5.2m in 2024

Public Surveillance of Bars

Navigating the Cybersecurity Landscape: A Deep Dive into Effective SIEM Strategies

Health Tech Execs Get Jail Time For $1bn Fraud Scheme

Cisco Patches Zero-Day Bug Used by Chinese Velvet Ant Group

Upcoming Book on AI and Democracy

Meta’s ‘Pay or Consent’ Data Model Breaches EU Law

onnx-1.14.1-3.fc40

squid-6.10-1.fc40

squid-6.10-1.fc39

wordpress-6.5.5-1.fc39

wordpress-6.5.5-1.fc40

wordpress-6.5.5-1.el9