Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

SUSE Linux Enterprise Micro 5.5 Advisory: Important CUPS Security Update

suse
Calendar Grey July 12, 2024
Dist Suse Esm H88
Crucial patch for CUPS resolves possible alterations in file access rights for SUSE Linux Enterprise Micro 5.5.
* bsc#1223179 * bsc#1225365 Cross-References: * CVE-2024-35235

Summary

## This update for cups fixes the following issues: * CVE-2024-35235: Fixed a bug in cupsd that could allow an attacker to change the permissions of other files in the system. (bsc#1225365) * Handle local 'Negotiate' authentication response for cli clients (bsc#1223179) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-2003=1 ## Package List: * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libcups2-2.2.7-150000.3.59.1 * cups-debuginfo-2.2.7-150000.3.59.1 * cups-debugsource-2.2.7-150000.3.59.1 * libcups2-debuginfo-2.2.7-150000.3.59.1

References

* bsc#1223179

* bsc#1225365

Cross-

* CVE-2024-35235

CVSS scores:

* CVE-2024-35235 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise Micro 5.5

An update that solves one vulnerability and has one security fix can now be

installed.

##

* https://www.suse.com/security/cve/CVE-2024-35235.html

* https://bugzilla.suse.com/show_bug.cgi?id=1223179

* https://bugzilla.suse.com/show_bug.cgi?id=1225365

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2024:2003-2
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here