Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] [SECURITY] [DSA 5407-1] cups-filters security update

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 5407-1] cups-filters security update


Chronologisch Thread  
  • From: Salvatore Bonaccorso <carnil AT debian.org>
  • To: debian-security-announce AT lists.debian.org
  • Subject: [IT-SecNots] [SECURITY] [DSA 5407-1] cups-filters security update
  • Date: Sun, 21 May 2023 13:56:26 +0000
  • Authentication-results: mail.piratenpartei.de; dkim=none; spf=none (mail.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 82.195.75.100) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"; dmarc=none
  • List-archive: https://lists.debian.org/msgid-search/E1q0jXu-007J8l-AC AT seger.debian.org
  • List-id: <debian-security-announce.lists.debian.org>
  • List-url: <http://lists.debian.org/debian-security-announce/>
  • Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Date:Message-Id:Subject:To:From:Reply-To:Cc:MIME-Version: Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=AUoyIKeF6E1G7eR18IpvFHWcHSZn3ZDq6z2fJ7+cvbM=; b=qP 6lLA1D4Y8ChEWwfNFQasO6FlAaKucQ1OiOLP8V8GnZuXlUiGBjkyOC5xoKO/o0tcUzSO78yCLRPk4 4TjIZnKEaGhbcDB/LPK7Xy124ImskzitNmZr/vjM37otAEFAk7jeNQhKHk3ffQ4HyZ1gdOXkCbA6v 2HaCWCejGtaWXF7t/DlZbVYpT3V8ciJDwjQYsEeVUGOwmEagOU8M20TMXlwITAJiROA9UxnPIyEBf k4HIAyduA1Sm6ntxZ2TcgsjntyB7a+pRWpYMAIA0ipb+tjTnc9mBHyJkEVC5okFIOBA4U/BuPw6aO jhqM/4IpjcsRSqj4K8JAHCSu083JRtvA==;
  • Old-return-path: <carnil AT seger.debian.org>
  • Priority: urgent
  • Resent-date: Sun, 21 May 2023 13:56:49 +0000 (UTC)
  • Resent-from: debian-security-announce AT lists.debian.org
  • Resent-message-id: <LK9TTl33nVH.A.sED.hMiakB@bendel>
  • Resent-sender: debian-security-announce-request AT lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5407-1 security AT debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
May 21, 2023 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : cups-filters
CVE ID : CVE-2023-24805
Debian Bug : 1036224

It was discovered that missing input sanitising in cups-filters, when
using the Backend Error Handler (beh) backend to create an accessible
network printer, may result in the execution of arbitrary commands.

For the stable distribution (bullseye), this problem has been fixed in
version 1.28.7-1+deb11u2.

We recommend that you upgrade your cups-filters packages.

For the detailed security status of cups-filters please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/cups-filters

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmRqIcNfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0Q/TQ//eDHbekYkCVNTzg+F+bWhG/PboO6n5Xs2eQCrYmObK4DEXx/lUvpIh77u
H5EHwMcJaYQpoaDoxJH6ETtGZ+PHsHcf9hjcg3GWhWt1tQ93UIgW3o0y/piyfTyS
OIsNv2lk1F7FMvfUOYS/xHxbRdNPKYcEUUqcMJT4Lmj7RS0LpOWpiisxS8BwgUYi
AL9ZtyOZTx6R/TXIWkAlR/KW+5OWyRC8SnYaesr2nkTabnwfuDs2RRLj0mUNIKd5
Buj2NsRoEQ1diugBM2/3XHPJaeoCgZeoh2JzZ2V84JRbSxyNVJNJJh+Ot4ONO/Y8
7PrXH7HQPgAyhikKyfgs0OTisHPC32Ezds8lB96eBE7yuy8Oi09vu1WtvQgm9xAd
3sCNgb/PMx8ONTwxLkSfb4tElcNPcjYpMzXJmKIBr4AE8vs3SY2oGyEfeBdj8v2o
M62HFxHlPvc2+9KSIh5TLWTvr0Qkpn0etwp7wO+e1M8dCswIQRyimwg6Rfduxi0+
Yr9Fw+vWwh/c9JAg3SdNerGPNB7IWXCQ11+qWk3ai36wqsxMwZC81kTWeFRzaFEl
5xeMWkeCpi91CZr1LM3RKj7UySMLwI/m2BLGEvz11jVZUSW3xu/2UOTD1q1vSr9g
Twj2cg6u1RQDzitAqZbxe1aXxwrbnlCTxtnriBD7iqTvb0yQ20A=
=upCN
-----END PGP SIGNATURE-----



  • [IT-SecNots] [SECURITY] [DSA 5407-1] cups-filters security update, Salvatore Bonaccorso, 21.05.2023

Archiv bereitgestellt durch MHonArc 2.6.24.

Seitenanfang