It was discovered that the Booth cluster ticket manager failed to
correctly validate some authentication hashes.
Category Archives: Advisories
DSA-5776-1 tryton-server – security update
Albert Cervera discovered two missing authorisation checks in the Tryton
application platform.
cups-2.4.10-7.fc39 cups-browsed-2.0.1-3.fc39 libcupsfilters-2.1~b1-3.fc39 libppd-2.1~b1-2.fc39
FEDORA-2024-cf6ab63871
Packages in this update:
cups-2.4.10-7.fc39
cups-browsed-2.0.1-3.fc39
libcupsfilters-2.1~b1-3.fc39
libppd-2.1~b1-2.fc39
Update description:
Fix for remote vulnerabilities against OpenPrinting cups-filters
cups-2.4.10-7.fc40 cups-browsed-2.0.1-3.fc40 libcupsfilters-2.1~b1-3.fc40 libppd-2.1~b1-2.fc40
FEDORA-2024-01127974ec
Packages in this update:
cups-2.4.10-7.fc40
cups-browsed-2.0.1-3.fc40
libcupsfilters-2.1~b1-3.fc40
libppd-2.1~b1-2.fc40
Update description:
Fix for remote vulnerabilities against OpenPrinting cups-filters
cups-2.4.10-7.fc41 cups-browsed-2.0.1-3.fc41 libcupsfilters-2.1~b1-3.fc41 libppd-2.1~b1-2.fc41
FEDORA-2024-3fc82fed09
Packages in this update:
cups-2.4.10-7.fc41
cups-browsed-2.0.1-3.fc41
libcupsfilters-2.1~b1-3.fc41
libppd-2.1~b1-2.fc41
Update description:
Fix for remove vulnerabilities against OpenPrinting cups-filters
USN-7045-1: libppd vulnerability
Simone Margaritelli discovered that libppd incorrectly sanitized IPP data
when creating PPD files. A remote attacker could possibly use this issue to
manipulate PPD files and execute arbitrary code when a printer is used.
USN-7044-1: libcupsfilters vulnerability
Simone Margaritelli discovered that libcupsfilters incorrectly sanitized
IPP data when creating PPD files. A remote attacker could possibly use this
issue to manipulate PPD files and execute arbitrary code when a printer is
used.
USN-7043-1: cups-filters vulnerabilities
Simone Margaritelli discovered that the cups-filters cups-browsed component
could be used to create arbitrary printers from outside the local network.
In combination with issues in other printing components, a remote attacker
could possibly use this issue to connect to a system, created manipulated
PPD files, and execute arbitrary code when a printer is used. This update
disables support for the legacy CUPS printer discovery protocol.
(CVE-2024-47176)
Simone Margaritelli discovered that cups-filters incorrectly sanitized IPP
data when creating PPD files. A remote attacker could possibly use this
issue to manipulate PPD files and execute arbitrary code when a printer is
used. (CVE-2024-47076)
USN-7042-1: cups-browsed vulnerability
Simone Margaritelli discovered that cups-browsed could be used to create
arbitrary printers from outside the local network. In combination with
issues in other printing components, a remote attacker could possibly use
this issue to connect to a system, created manipulated PPD files, and
execute arbitrary code when a printer is used. This update disables support
for the legacy CUPS printer discovery protocol.
USN-7041-1: CUPS vulnerability
Simone Margaritelli discovered that CUPS incorrectly sanitized IPP
data when creating PPD files. A remote attacker could possibly use this
issue to manipulate PPD files and execute arbitrary code when a printer is
used.