This bug was fixed in the package cups - 2.3.1-9ubuntu1.9
---------------
cups (2.3.1-9ubuntu1.9) focal-security; urgency=medium
* SECURITY UPDATE: PPD injection issues (LP: #2082335)
- debian/patches/sec-202409-1.patch: validate URIs, attribute names,
and capabilities in cups/ppd-cache.c, scheduler/ipp.c.
- debian/patches/sec-202409-2.patch: sanitize make and model in
cups/ppd-cache.c.
- debian/patches/sec-202409-3.patch: PPDize preset and template names
in cups/ppd-cache.c.
- debian/patches/sec-202409-4.patch: quote PPD localized strings in
cups/ppd-cache.c.
- debian/patches/sec-202409-5.patch: fix warnings in cups/ppd-cache.c.
- CVE number pending
-- Marc Deslauriers <marc.deslauri...@ubuntu.com> Thu, 26 Sep 2024
08:44:22 -0400
** Changed in: cups (Ubuntu Focal)
Status: New => Fix Released
** Changed in: cups-browsed (Ubuntu Noble)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2082335
Title:
Sept 2024 security issue tracking bug
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cups/+bug/2082335/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
