[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#1038885: marked as done (cups: CVE-2023-34241: use-after-free in cupsdAcceptClient())

Your message dated Thu, 22 Jun 2023 22:10:19 +0000
with message-id <E1qCSVP-00FuVg-QA@fasolo.debian.org>
and subject line Bug#1038885: fixed in cups 2.4.2-5
has caused the Debian Bug report #1038885,
regarding cups: CVE-2023-34241: use-after-free in cupsdAcceptClient()
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
1038885: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1038885
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Source: cups
Version: 2.4.2-4
Severity: grave
Tags: security upstream
X-Debbugs-Cc: carnil@debian.org, Debian Security Team <team@security.debian.org>

Hi,

The following vulnerability was published for cups.

CVE-2023-34241[0]:
| use-after-free in cupsdAcceptClient()


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-34241
    https://www.cve.org/CVERecord?id=CVE-2023-34241
[1] https://www.openwall.com/lists/oss-security/2023/06/22/4

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

--- End Message ---
--- Begin Message --- 
Source: cups
Source-Version: 2.4.2-5
Done: Thorsten Alteholz <debian@alteholz.de>

We believe that the bug you reported is fixed in the latest version of
cups, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1038885@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Thorsten Alteholz <debian@alteholz.de> (supplier of updated cups package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 21 Jun 2023 22:30:27 +0200
Source: cups
Architecture: source
Version: 2.4.2-5
Distribution: unstable
Urgency: medium
Maintainer: Debian Printing Team <debian-printing@lists.debian.org>
Changed-By: Thorsten Alteholz <debian@alteholz.de>
Closes: 1038885
Changes:
 cups (2.4.2-5) unstable; urgency=medium
 .
   * CVE-2023-34241 (Closes: #1038885)
     use-after-free in cupsdAcceptClient()
Checksums-Sha1:
 9f879b034a51742e4cfe86a1c1e8913bd73edc8e 3122 cups_2.4.2-5.dsc
 e4faa8108c7c8c8e92fabcdf20edbaefa37a1905 382628 cups_2.4.2-5.debian.tar.xz
 bf62b8cd59d6da3635fa24db71cec5e621c525ee 13577 cups_2.4.2-5_amd64.buildinfo
Checksums-Sha256:
 80a31ef1753758265b5020c8bfc6991ad35cab49e31c0baa1028b27d0a1b14ea 3122 cups_2.4.2-5.dsc
 e840a5264c21499e06b06a2511239c92b8c97241dabf99ef3b587f042dda2d6a 382628 cups_2.4.2-5.debian.tar.xz
 7ed6c3159efc574830cc19fb92ebe69b56ed172a10e2cd2a322f393c93ee1315 13577 cups_2.4.2-5_amd64.buildinfo
Files:
 2d54bf290d204a4710ae865ac4193f71 3122 net optional cups_2.4.2-5.dsc
 90c6438028b13299b49301d69144da89 382628 net optional cups_2.4.2-5.debian.tar.xz
 c85083715f9919f1940194af638eebae 13577 net optional cups_2.4.2-5_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKnBAEBCgCRFiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmSUvwJfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcTHGRlYmlhbkBh
bHRlaG9sei5kZQAKCRCW/KwNOHtYR/UmD/9/0ClLIAJ6hp2nShcbnY6r6AzI2Ua7
LFrda5wyGMNt/zDAQyATwv0yfSpyF9ZubFx80ZKjkCkBJMA7ARx+sBF+pl9+SAEn
Wi16HQEudEaeJ7ra/L3HUcRMKzb6BBmPhqznsRNu5xD7QeLcvh0tH0Z16SOU5acA
r4fWnFyOrjXDQUaLdjXeKHtF8TOlX9rfHAzS3ATJWrJwe/l/anBYONPplRni5Nu1
y2ciZa8hLYQ2LoOK3FeM8KNfvLdmfuZqPpJdjvUorkJsRTpghPtqFX/aMq4CE1dR
yBOo6R4XKiHd/k2ZOL6dih7ygsJx6OltxEjMY8a0YlrYUZTmH1OJ4SvO3BfNXaKN
zVTX4OoTQa3tFo/qk4lIcOX9seN8N2WihaHD6LUyThyKppKtSSiE8wFQE+FOb5QG
SVoPn8wGP2ATu3KReT09QgJSqiVcBrGQPQo8uZL0truNYD0c/bzLbuWly7nFQ+8B
NeBa6OZdP5x9CYcOR7A0ESft0zSarKK49ke7m0YUCIEsadnB5tOSdde8rtLoChmW
rOzL9OCkT2G++MCbw9em0UQteNZUOfezhmuzfVKpTrEDmu36Ra4Oqb7rHvm0Vnr6
a7B3RF9kym0sMmPsQBiOjF61T7MtZ43WbGhJaGJ36ty8xmDBiPQpZ45pfaBIHiOH
amCUMV3tyCTfVQ==
=tlum
-----END PGP SIGNATURE-----

--- End Message ---
Reply to: