Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] [SECURITY] [DSA 5998-1] cups security update

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 5998-1] cups security update


Chronologisch Thread  
    < Chronologisch >       < Thread >
  • From: Salvatore Bonaccorso <carnil AT debian.org>
  • To: debian-security-announce AT lists.debian.org
  • Subject: [IT-SecNots] [SECURITY] [DSA 5998-1] cups security update
  • Date: Thu, 11 Sep 2025 19:03:54 +0000
  • Authentication-results: lists.piratenpartei.de; dkim=none; dmarc=none; spf=none (lists.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 2001:41b8:202:deb:216:36ff:fe40:4002) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"
  • List-archive: https://lists.debian.org/msgid-search/E1uwmaI-00GRkw-0C AT seger.debian.org
  • List-id: <debian-security-announce.lists.debian.org>
  • List-url: <http://lists.debian.org/debian-security-announce/>
  • Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Date:Message-Id:Subject:To:From:Reply-To:Cc:MIME-Version: Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=hxim3pfVHrlnHmLjwRTNZ1/UZSo2kQgDIRZbTTOs1dg=; b=d7 d8zVg030Sj5hfi7zclpoQgLy5ZIseN6STbIrRt6emhI863aU9NBXnwv1pOQYZcSGVYF/pct5hAjYs YeIDPH6OH9VXx2e3na/S9OMJtGq1X9PsdqZMy0O7aX4F60AB10bJX0bxfX4YtQ43e5elDk2vyeGzi RmANKJNVdhhj4V7UYgvNSV4DEAvrpp3HASCbip+P6kJrki9qTNucNWNhK0F2PHAnR4XbgylHqbRkA SSffaAeUVkSQ21J/uUveGJhGf8X0fvKSZNo7tT8WVfapTuu9eThQcj1YEU18uFg7V8V0HOJBM3fD0 BOgD3DT2QvNOtXYDhkMgfjHT3SBi6xDw==;
  • Old-return-path: <carnil AT seger.debian.org>
  • Priority: urgent
  • Resent-date: Thu, 11 Sep 2025 19:04:17 +0000 (UTC)
  • Resent-from: debian-security-announce AT lists.debian.org
  • Resent-message-id: <ZSY2Z6ov1RI.A.rdrC.x0xwoB@bendel>
  • Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5998-1 security AT debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
September 11, 2025 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : cups
CVE ID : CVE-2025-58060 CVE-2025-58364

Two vulnerabilities were discovered in cups, the Common UNIX Printing
System, which may result in authentication bypass with AuthType
Negotiate or in denial of service (daemon crash).

For the oldstable distribution (bookworm), these problems have been fixed
in version 2.4.2-3+deb12u9.

For the stable distribution (trixie), these problems have been fixed in
version 2.4.10-3+deb13u1.

We recommend that you upgrade your cups packages.

For the detailed security status of cups please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/cups

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmjDHOlfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0TEZw//aazXKQUzKE3vqQXkHmmB5KU3TqQQhAijuAiD7srFkyv2CSYHBFR4WO9k
vNAInSx09OVgu+zoCrO+GkZMbSShUGD8H7nG3aePsvXeOw1MABeH15Ggq7EKSSXN
bodzhTuVUzycRvwHd6nN3IYzcVI5SPreOwCjjwGnGSUEkacL1SksNkZB9QMvnPjY
RO1087BM0SJ6siDiPphX23INvuRSTqaN/xJ1t7CL0eLjY5zzo/x68xpkAULLxMXW
WKIt0shwullaeLoqMzbXlMSN6+6KqZq7tJmaZ0GQvSyKU1iGbp84MWI1JeETGoo3
M9nVvA1sE9keSev4f+W20GJ1e2FrXZUIiJ4g8dOXyPU0tNXetju6MGETrd7CSoUe
YngzAvHA+6HAB/vFA5kiokZJM238CigHJtfsSA45CwbMM6qfB2ejx+w6UhSDrStn
VLXMendMHK4LPqF3T+xRcCeiY45D/IbB0IAuQjPB+daXkPtZZkgzjZ4I2wPII9KL
vYlrhCFGady8W1jOnJXUhCRmxDYGk25nVXJaPsUBeM9CeFSllRcVyRLR+fzWRL2k
BED9ORGFKUbb1Bm1ACyy6Wo0SP7sHDzakVzHn0gVw3XAthpW0eTe+FPyZtQ3nbZq
31riyQJszyqhkCt8XUkG4MrzsNHLxdb+gUIoXpXbIKR2yF2S4FU=
=I7K8
-----END PGP SIGNATURE-----


  • [IT-SecNots] [SECURITY] [DSA 5998-1] cups security update, Salvatore Bonaccorso, 11.09.2025

Archiv bereitgestellt durch MHonArc 2.6.19+.

Seitenanfang