Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Slackware 15.0: 2024-163-02 Critical: cups Arbitrary Chmod Issue

slackware
Calendar Grey June 11, 2024
Dist Slackware Esm H88
Recent cup updates for Slackware resolve a significant flaw leading to improper access settings.
New cups packages are available for Slackware 15.0 and -current to fix a security issue

Summary

Here are the details from the Slackware 15.0 ChangeLog: patches/packages/cups-2.4.9-i586-1_slack15.0.txz: Upgraded. This update fixes bugs and a security issue: When starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process can be caused to perform an arbitrary chmod of the provided argument, providing world-writable access to the target. For more information, see: https://www.cve.org/CVERecord?id=CVE-2024-35235 (* Security fix *)

Topics%20covered

Topics Covered

security advisory access issue slackware cups arbitrary chmod

Where Find New Packages

Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated package for Slackware 15.0:
Updated package for Slackware x86_64 15.0:
Updated package for Slackware -current:
Updated package for Slackware x86_64 -current:

MD5 Signatures

Slackware 15.0 package: eb7a13c45409a0db64a5a5c344c2b249 cups-2.4.9-i586-1_slack15.0.txz
Slackware x86_64 15.0 package: d270e3ec0741a67116a32bfa9301f4fe cups-2.4.9-x86_64-1_slack15.0.txz
Slackware -current package: 433355277a0f061d6a9b7fcb1f9ad5f5 ap/cups-2.4.9-i586-1.txz
Slackware x86_64 -current package: 49f32bc3bbcf751650cd28f1d4de4694 ap/cups-2.4.9-x86_64-1.txz

Severity
critical
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory access issue slackware cups arbitrary chmod

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg cups-2.4.9-i586-1_slack15.0.txz Then, restart the cups server: # sh /etc/rc.d/rc.cups restart

Your message here