[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 3029-1] cups security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3029-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                    Thorsten Alteholz
May 27, 2022                                  https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : cups
Version        : 2.2.1-8+deb9u8
CVE ID         : CVE-2022-26691
Debian Bug     : 1011769


Joshua Mason discovered that a logic error in the validation of the
secret key used in the "local" authorisation mode of the CUPS printing
system may result in privilege escalation.


For Debian 9 stretch, this problem has been fixed in version
2.2.1-8+deb9u8.

We recommend that you upgrade your cups packages.

For the detailed security status of cups please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/cups

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmKQEEJfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEdbWA/8DvebQ6gKelk9rDgKyJtUQN3JPAgs1LHP8np97kHICBSwSbY3zIcB/xCp
NlbG54N49uZJc3ARng9L2BbTcqDKWpNE/kHpCtzUpEExG4tH5By6SbalX0bwz+p2
g9w1eiU/7BPeZcuFfQptIaGDW7fFh32yVLAGko3dSP/jeHqXHPzbg0KpIko2ebyX
b68+8bodfUfeQVmcPd3mNLaXijztTU/3tSgstHw8+Levk9ycmz4e4UFTeuvAikol
UkZRYA3kIKwryQEyoHNYVjp4R0UJJBIbu6CxFnlv5vrxOIOq3TNo/WfH4asOirSe
pMDUi5Lb+Nr8EZI4OqgtBAwmZwdRD+zM4qRWuv9dchUCsrOxPBqu5DiRgkrUU23v
RcHaOkk+zyGHkNk/VwUaVgqE/My5dIX2Cp3mUjwHx4W7r8+m8mX8jlmNQs8Z6VHI
GmMuf+/c/Q03JdsxVzrT3azX83r/u/UWKkwM8+6Zvf0B0voJ8Bg5ymXMarMnZ8gM
QaYdhsFLigYNJYW6sVrdvGhbgl6jRztU0BpthSIhZ4RZXw1mABCVfsNWEiXI2hWv
ufNhydap10EaBMot70wMzMbngM/biGCKG3P+XNRTCzFrIkUXHahnFByc4R0yVUlC
+OfJ3UdXHz1qz6vJf69P7sVqdlEeIfXhO8Zy28icYhP88xOSses=
=d+dJ
-----END PGP SIGNATURE-----


Reply to: