<!DOCTYPE html>
<html>
  <head>

    <meta http-equiv="content-type" content="text/html; charset=UTF-8">
  </head>
  <body>
    <p>==========================================================================</p>
    <div id=":13w" class="a3s aiL ">
      Ubuntu Security Notice USN-6844-2<br>
      June 28, 2024<br>
      <br>
      cups regression<br>
      ==============================<wbr>==============================<wbr>==============<br>
      <br>
      A security issue affects these releases of Ubuntu and its
      derivatives:<br>
      <br>
      - Ubuntu 24.04 LTS<br>
      - Ubuntu 23.10<br>
      - Ubuntu 22.04 LTS<br>
      - Ubuntu 20.04 LTS<br>
      - Ubuntu 18.04 LTS<br>
      - Ubuntu 16.04 LTS<br>
      <br>
      Summary:<br>
      <br>
      USN-6844-1 caused the cupsd daemon to never start<br>
      <br>
      Software Description:<br>
      - cups: Common UNIX Printing System(tm)<br>
      <br>
      Details:<br>
      <br>
      USN-6844-1 fixed vulnerabilities in the CUPS package. The update<br>
      lead to the discovery of a regression in CUPS with regards to<br>
      how the cupsd daemon handles Listen configuration directive. <br>
      This update fixes the problem.<br>
      <br>
      We apologize for the inconvenience.<br>
      <br>
      Original advisory details:<br>
      Rory McNamara discovered that when starting the cupsd server with
      a<br>
      Listen configuration item, the cupsd process fails to validate if<br>
      bind call passed. An attacker could possibly trick cupsd to
      perform<br>
      an arbitrary chmod of the provided argument, providing
      world-writable<br>
      access to the target.<br>
      <br>
      Update instructions:<br>
      <br>
      The problem can be corrected by updating your system to the
      following<br>
      package versions:<br>
      <br>
      Ubuntu 24.04 LTS<br>
        cups                            2.4.7-1.2ubuntu7.2<br>
        cups-daemon                     2.4.7-1.2ubuntu7.2<br>
      <br>
      Ubuntu 23.10<br>
        cups                            2.4.6-0ubuntu3.2<br>
        cups-daemon                     2.4.6-0ubuntu3.2<br>
      <br>
      Ubuntu 22.04 LTS<br>
        cups                            2.4.1op1-1ubuntu4.10<br>
        cups-daemon                     2.4.1op1-1ubuntu4.10<br>
      <br>
      Ubuntu 20.04 LTS<br>
        cups                            2.3.1-9ubuntu1.8<br>
        cups-daemon                     2.3.1-9ubuntu1.8<br>
      <br>
      Ubuntu 18.04 LTS<br>
        cups                            2.2.7-1ubuntu2.10+esm5<br>
                                        Available with Ubuntu Pro<br>
        cups-daemon                     2.2.7-1ubuntu2.10+esm5<br>
                                        Available with Ubuntu Pro<br>
      <br>
      Ubuntu 16.04 LTS<br>
        cups                            2.1.3-4ubuntu0.11+esm7<br>
                                        Available with Ubuntu Pro<br>
        cups-daemon                     2.1.3-4ubuntu0.11+esm7<br>
                                        Available with Ubuntu Pro<br>
      <br>
      In general, a standard system update will make all the necessary
      changes.<br>
      <br>
      References:<br>
        <a href="https://ubuntu.com/security/notices/USN-6844-2"
        rel="noreferrer" target="_blank"
data-saferedirecturl="https://www.google.com/url?q=https://ubuntu.com/security/notices/USN-6844-2&source=gmail&ust=1719999240550000&usg=AOvVaw3NumnNUPwduGSAoP42BRAo">https://ubuntu.com/security/no<wbr>tices/USN-6844-2</a><br>
        <a href="https://ubuntu.com/security/notices/USN-6844-1"
        rel="noreferrer" target="_blank"
data-saferedirecturl="https://www.google.com/url?q=https://ubuntu.com/security/notices/USN-6844-1&source=gmail&ust=1719999240550000&usg=AOvVaw0cUSqdQzDS5VjP88D3Mu_e">https://ubuntu.com/security/no<wbr>tices/USN-6844-1</a><br>
        <a href="https://launchpad.net/bugs/2070315" rel="noreferrer"
        target="_blank"
data-saferedirecturl="https://www.google.com/url?q=https://launchpad.net/bugs/2070315&source=gmail&ust=1719999240550000&usg=AOvVaw2SCGAxxCoF5BHgMarUEFyY">https://launchpad.net/bugs/207<wbr>0315</a><br>
      <br>
      Package Information:<br>
        <a
href="https://launchpad.net/ubuntu/+source/cups/2.4.7-1.2ubuntu7.2"
        rel="noreferrer" target="_blank"
data-saferedirecturl="https://www.google.com/url?q=https://launchpad.net/ubuntu/%2Bsource/cups/2.4.7-1.2ubuntu7.2&source=gmail&ust=1719999240550000&usg=AOvVaw0_usO1K7ga4ohEbQfFFiyQ">https://launchpad.net/ubuntu/+<wbr>source/cups/2.4.7-1.2ubuntu7.2</a><br>
        <a
href="https://launchpad.net/ubuntu/+source/cups/2.4.6-0ubuntu3.2"
        rel="noreferrer" target="_blank"
data-saferedirecturl="https://www.google.com/url?q=https://launchpad.net/ubuntu/%2Bsource/cups/2.4.6-0ubuntu3.2&source=gmail&ust=1719999240550000&usg=AOvVaw2azVTgVsnOT0bNEyOEfztk">https://launchpad.net/ubuntu/+<wbr>source/cups/2.4.6-0ubuntu3.2</a><br>
        <a
href="https://launchpad.net/ubuntu/+source/cups/2.4.1op1-1ubuntu4.10"
        rel="noreferrer" target="_blank"
data-saferedirecturl="https://www.google.com/url?q=https://launchpad.net/ubuntu/%2Bsource/cups/2.4.1op1-1ubuntu4.10&source=gmail&ust=1719999240550000&usg=AOvVaw0Vs15wY-FS59H-iHHLL-WT">https://launchpad.net/ubuntu/+<wbr>source/cups/2.4.1op1-1ubuntu4.<wbr>10</a><br>
        <a
href="https://launchpad.net/ubuntu/+source/cups/2.3.1-9ubuntu1.8"
        rel="noreferrer" target="_blank"
data-saferedirecturl="https://www.google.com/url?q=https://launchpad.net/ubuntu/%2Bsource/cups/2.3.1-9ubuntu1.8&source=gmail&ust=1719999240550000&usg=AOvVaw0RSDPKjwqSTfwzmjqQjxnW">https://launchpad.net/ubuntu/+<wbr>source/cups/2.3.1-9ubuntu1.8</a></div>
  </body>
</html>