Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Fedora 39 cups-browsed Update: Addressing Remote Vulnerability Risks

fedora
Calendar Grey September 28, 2024
Dist Fedora Esm H88
The latest Cups-browsed revision resolves distant concerns impacting Fedora 39, bolstering system defenses against specific threats.
Fix for remote vulnerabilities against OpenPrinting cups-filters

Summary

cups-browsed is a helper daemon, which automatically installs printers

locally, provides load balancing and clustering of print queues.

The daemon installs the printers based on found mDNS records and CUPS

broadcast, or by polling a remote print server.

Update Information:

Fix for remote vulnerabilities against OpenPrinting cups-filters

Topics%20covered

Topics Covered

security advisory Fedora command execution bug fix remote access cups-browsed openprinting

Change Log

* Thu Sep 26 2024 Justin M. Forbes - 1:2.0.1-2 - Fix for CVE-2024-47176

References


[ 1 ] Bug #2314996 - [Major Incident] CVE-2024-47176 cups-browsed: cups-browsed binds on UDP INADDR_ANY:631 trusting any packet from any source [fedora-39] https://bugzilla.redhat.com/show_bug.cgi?id=2314996 [ 2 ] Bug #2314999 - [Major Incident] CVE-2024-47076 libcupsfilters: `cfGetPrinterAttributes` API does not perform sanitization on returned IPP attributes [fedora-39] https://bugzilla.redhat.com/show_bug.cgi?id=2314999 [ 3 ] Bug #2315002 - [Major Incident] CVE-2024-47175 libppd: remote command injection via attacker controlled data in PPD file [fedora-39] https://bugzilla.redhat.com/show_bug.cgi?id=2315002 [ 4 ] Bug #2315003 - [Major Incident] CVE-2024-47177 cups-filters: foomatic-rip in cups-filters allows arbitrary command execution via the FoomaticRIPCommandLine PPD parameter [fedora-39] https://bugzilla.redhat.com/show_bug.cgi?id=2315003

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-cf6ab63871' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: cups-browsed
Product: Fedora 39
Version: 2.0.1
Release: 3.fc39
URL: https://github.com/OpenPrinting/cups-browsed
Summary: Daemon for local auto-installation of remote printers

Topics%20covered

Topics Covered

security advisory Fedora command execution bug fix remote access cups-browsed openprinting

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here