Univention Bugzilla – Bug 56679
cups: Multiple issues (5.0)
Last modified: 2023-10-04 17:06:41 CEST
New Debian cups 2.2.10-6+deb10u9A~5.0.5.202310020754 fixes: This update addresses the following issues: 2.2.10-6+deb10u9 (Fri, 29 Sep 2023 21:20:27 +0200) * CVE-2023-4504 Postscript parsing heap-based buffer overflow * CVE-2023-32360 authentication issue
--- mirror/ftp/pool/main/c/cups/cups_2.2.10-6+deb10u8A~5.0.4.202307030913.dsc +++ apt/ucs_5.0-0-errata5.0-5/source/cups_2.2.10-6+deb10u9A~5.0.5.202310020754.dsc @@ -1,4 +1,4 @@ -2.2.10-6+deb10u8A~5.0.4.202307030913 [Mon, 03 Jul 2023 09:22:24 +0200] Univention builddaemon <buildd@univention.de>: +2.2.10-6+deb10u9A~5.0.5.202310020754 [Mon, 02 Oct 2023 07:55:18 +0200] Univention builddaemon <buildd@univention.de>: * UCS auto build. The following patches have been applied to the original source package 01-do-not-set-auth-info-automatically.quilt @@ -9,6 +9,13 @@ 20_no-on-demand-systemd-service.quilt 25-true-is-case-sensitive-in-ppds.quilt +2.2.10-6+deb10u9 [Fri, 29 Sep 2023 21:20:27 +0200] Thorsten Alteholz <debian@alteholz.de>: + + * CVE-2023-4504 + Postscript parsing heap-based buffer overflow + * CVE-2023-32360 (Closes: #1051953) + authentication issue + 2.2.10-6+deb10u8 [Thu, 29 Jun 2023 23:30:27 +0200] Thorsten Alteholz <debian@alteholz.de>: * CVE-2023-34241 <http://piuparts.knut.univention.de/5.0-5/#5660608364138731505>
OK: bug OK: yaml OK: announce_errata OK: patch OK: piuparts [5.0-5] 180bcccb5cb Bug #56679: cups 2.2.10-6+deb10u9A~5.0.5.202310020754 doc/errata/staging/cups.yaml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) [5.0-5] ea0c11e854a Bug #56679: cups 2.2.10-6+deb10u9A~5.0.5.202310020754 doc/errata/staging/cups.yaml | 15 +++++++++++++++ 1 file changed, 15 insertions(+)
<https://errata.software-univention.de/#/?erratum=5.0x822>