[Bug 2089041] Re: Please merge cups cups_2.4.10-2 from debian unstable
Till Kamppeter
2089041 at bugs.launchpad.net
Tue Nov 26 09:27:42 UTC 2024
In CUPS 2.4.10 the "make check" build test is not working and not
finding a fix I tried the already available (but not yet picked up by
Debian) 2.4.11 and the test worked there again, so CUPS on plucky is now
updated to 2.4.11.
--
You received this bug notification because you are a member of Ubuntu
Sponsors, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2089041
Title:
Please merge cups cups_2.4.10-2 from debian unstable
Status in cups package in Ubuntu:
Fix Released
Bug description:
cups (2.4.10-2) unstable; urgency=medium
[ Helge Kreutzmann ]
* Update German man page (2219t)
[ Thorsten Alteholz ]
* CVE-2024-47175
Fix CVE and upstream also added some extra hardening to patch
- validate URIs, attribute names, and capabilities
in cups/ppd-cache.c, scheduler/ipp.c
- sanitize make and model in cups/ppd-cache.c
- PPDize preset and template names in cups/ppd-cache.c
- quote PPD localized strings in cups/ppd-cache.c
- fix warnings in cups/ppd-cache.c
-- Thorsten Alteholz <debian at alteholz.de> Thu, 26 Sep 2024 23:45:05
+0200
The debian CVE mega-patch is identical to our 5 patches, I've verified after applying patches (there's just a copyright year diff).
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cups/+bug/2089041/+subscriptions
More information about the Ubuntu-sponsors
mailing list