This bug was fixed in the package cups - 2.4.16-1ubuntu1
---------------
cups (2.4.16-1ubuntu1) resolute; urgency=medium
* Merge with Debian unstable. (LP: #2130070) Remaining changes:
- d/p/9100-ppd-cache-add-auto-presets.patch
Added fully automatic generation of PPD option setting presets to
be applied depending on the settings of the job IPP attributes
"print-color-mode", "print-quality", and "print-content-optimize".
This allows easy control of any printer with only standard IPP
attributes, as for example from a phone (functionality overtaken
from cups-filters, not (yet) upstream in CUPS).
- d/libcups2-dev.install, d/rules
Use pkgconfig file cups.pc from upstream and not Debian's own file
of CUPS' pre-pkgconfig era. also use
"--with-pkgconfpath=/usr/lib/$(DEB_HOST_MULTIARCH)/pkgconfig" in the
"./configure" command line therefore.
- d/local/apparmor-profile
+ In the AppArmor profile allow CUPS to access (/var)/run/snapd.socket
to allow cupsd to determine which interfaces a snapped client
is plugging.
+ update for new coreutil paths (LP #2123870)
+ add rule for accessing /etc/paperspecs (LP #2125520)
- d/control
+ Build-depend on libapparmor-dev, libsnapd-glib-dev, needed for
Snap mediation.
+ In libcupsimage2 recommend libcupsfilters2 instead of libcupsfilters1.
- d/rules
+ Added "--enable-snapped-clients" to the "./configure" options to use
the correct Snap mediation mode for an unsnapped cupsd, like provided
by this package.
+ In debian/rules updated ./configure arguments from --enable-gnutls to
--with-tls=gnutls. Now libcups has support for all hash types again,
especially can provide sha2-256 to PAPPL.
* Dropped Changes
- d/p/CVE-2025-58060.patch : patched in upstream version
- d/p/CVE-2025-58364.patch : patched in upstream version
- d/p/CVE-2025-61915.patch : patched in upstream version
- d/rules
+ --with-system-groups='lpadmin root'. This was included in Debian
2.4.1op1-2
as ='root lpadmin', somehow dropped and inverted in Ubuntu.
cups (2.4.16-1) unstable; urgency=medium
* Update to new upstream version 2.4.16.
(Closes: #1121751)
(Closes: #1121895)
(Closes: #1121660)
cups (2.4.15-1) unstable; urgency=medium
* Update to new upstream version 2.4.15.
* CVE-2025-61915
Fix various cupsd issues which cause local DoS.
* CVE-2025-58436
Fix unresponsive cupsd process caused by slow client.
cups (2.4.14-1) unstable; urgency=medium
* Update to new upstream version 2.4.14.
(Closes: #1106010)
(Closes: #1109471)
* debian/rules: enable tests on riscv64 again (Closes: #1107504)
* drop patch for CVE-2023-32324 (Closes: #1087849)
-- John Chittum <[email protected]> Fri, 05 Dec 2025 12:59:59
-0500
** Changed in: cups (Ubuntu)
Status: In Progress => Fix Released
** CVE added: https://cve.org/CVERecord?id=CVE-2023-32324
** CVE added: https://cve.org/CVERecord?id=CVE-2025-58060
** CVE added: https://cve.org/CVERecord?id=CVE-2025-58364
** CVE added: https://cve.org/CVERecord?id=CVE-2025-58436
** CVE added: https://cve.org/CVERecord?id=CVE-2025-61915
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2130070
Title:
Merge cups from Debian Unstable for resolute
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cups/+bug/2130070/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
