-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3905-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz September 29, 2024 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : cups-filters Version : 1.28.7-1+deb11u3 CVE ID : CVE-2024-47076 CVE-2024-47176 Debian Bug : 1082820 1082827 Simone Margaritelli reported several vulnerabilities in cups-filters. Missing validation of IPP attributes returned from an IPP server and multiple bugs in the cups-browsed component can result in the execution of arbitrary commands without authentication when a print job is started. For Debian 11 bullseye, these problems have been fixed in version 1.28.7-1+deb11u3. We recommend that you upgrade your cups-filters packages. For the detailed security status of cups-filters please refer to its security tracker page at: https://security-tracker.debian.org/tracker/cups-filters Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmb5xoBfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7 WEeo6w//ZyDnl6WD/BcCRJK+5jeP+ikPCyEb5w/zJyiQfoIgMchCBSkd/UwQXEmW eCLOT6xOB3oY25qYsVT4a5nOS3MYNaShP1SUDOVPqdkduKcRr3lfBLGC6l6Gu40l dZpfayw2hKWzDgUlL//QhsKEuwIHZ2ubA2BIg+Cd1YvsPL2jAljPjBHgFXUU8B1g vFsvCErdzhcCcuXIZ+qfDvuP3TZcop+Z+5oc9Ila4YEYko0yTv1SznwxydfPtnwo H9uLnnLOhUs24Ve9cbuLndZReZ1wGutsTEn8TuDVcg+SisL9VN50zkUF12yYsok3 Pf/NwhjyMAD2XI0hz4Dg98rSEINtH2g60JhM+T5OpCkXTD7hvq+/3jUEuwWW7SWf m1JMQ+TPIwkL8haYy2uiUll0ZLrB4hcTH3/zsuIiZDyUYUAIAX5Y27K+4JYHS16D Xbn3ORLeTUruAK/Aq9WyWBKpSJ/ySjxpw6CCek6uDQOX215blSyPtT4xblpnz0tG oCpNamoCicdsBZwdfhH7mt5Qu/JBEf68eHCkQ6aCDHgeHMayoUrbJdl6vNLPSedl fyKwUm6dKUxqzQJEzkD4E2hQraWEBXRhQinotLw0KdCfBus+k6ZCRUmwZkOnNMjc 5G/wLCSeTliO/hslXpOYN29mWb5ouGITMxy0mRUr2s+4bMWzYYk= =E+Kk -----END PGP SIGNATURE-----
