This bug was fixed in the package libppd - 2:2.1~b1-0ubuntu2
---------------
libppd (2:2.1~b1-0ubuntu2) oracular; urgency=medium
* SECURITY UPDATE: PPD injection issues (LP: #2082335)
- debian/patches/sec-202409-1.patch: sanitize and validate IPP values
in generated PPD file in ppd/ppd-cache.c, ppd/ppd-generator.c.
- debian/patches/sec-202409-2.patch: escape localized strings in
ppd/ppd-generator.c.
- debian/patches/sec-202409-3.patch: fix FTBFS and default InputSlot
value in ppd/ppd-cache.c, ppd/ppd-generator.c.
- CVE-2024-47175
-- Marc Deslauriers <[email protected]> Thu, 26 Sep 2024
09:27:49 -0400
** Changed in: libppd (Ubuntu Oracular)
Status: Fix Committed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-47175
** Changed in: libcupsfilters (Ubuntu Oracular)
Status: Fix Committed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-47076
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2082335
Title:
Sept 2024 security issue tracking bug
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cups/+bug/2082335/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
