Hi Sanjaykumar, Thanks for the info.
Thanks & Regards, Vijay On Wed, Jun 14, 2023 at 2:29 PM Sanjaykumar kantibhai Chitroda -X (schitrod - E-INFO CHIPS INC at Cisco) <[email protected]> wrote: > Hi Vijay, > > This fix is already submitted to OE-core community and added in queue for > dunfell branch. > Please check the status of community patches here: > https://patchwork.yoctoproject.org/project/oe-core/list/ > > Thanks, > Sanjay > > -----Original Message----- > From: [email protected] < > [email protected]> On Behalf Of Vijay Anusuri > Sent: Wednesday, June 14, 2023 12:24 PM > To: [email protected] > Cc: Vijay Anusuri <[email protected]> > Subject: [OE-core][dunfell][PATCH] cups: Fix CVE-2023-32324 > > From: Vijay Anusuri <[email protected]> > > OpenPrinting CUPS is an open source printing system. In versions 2.4.2 and > prior, a heap buffer overflow vulnerability would allow a remote attacker > to launch a denial of service (DoS) attack. A buffer overflow vulnerability > in the function `format_log_line` could allow remote attackers to cause a > DoS on the affected system. Exploitation of the vulnerability can be > triggered when the configuration file `cupsd.conf` sets the value of > `loglevel `to `DEBUG`. No known patches or workarounds exist at time of > publication. > > References: > https://nvd.nist.gov/vuln/detail/CVE-2023-32324 > https://security-tracker.debian.org/tracker/CVE-2023-32324 > > Upstream Patch: > https://github.com/OpenPrinting/cups/commit/fd8bc2d32589 > > Signed-off-by: Vijay Anusuri <[email protected]> > >
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#182802): https://lists.openembedded.org/g/openembedded-core/message/182802 Mute This Topic: https://lists.openembedded.org/mt/99522899/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
