-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 26 Sep 2024 23:45:05 +0200 Source: cups Binary: cups-common cups-server-common Architecture: all Version: 2.4.2-3+deb12u8 Distribution: bookworm-security Urgency: high Maintainer: all Build Daemon (x86-grnet-02) Changed-By: Thorsten Alteholz Description: cups-common - Common UNIX Printing System(tm) - common files cups-server-common - Common UNIX Printing System(tm) - server common files Changes: cups (2.4.2-3+deb12u8) bookworm-security; urgency=high . * CVE-2024-47175 Fix CVE and upstream also added some extra hardening to patch - validate URIs, attribute names, and capabilities in cups/ppd-cache.c, scheduler/ipp.c - sanitize make and model in cups/ppd-cache.c - PPDize preset and template names in cups/ppd-cache.c - quote PPD localized strings in cups/ppd-cache.c - fix warnings in cups/ppd-cache.c Checksums-Sha1: e7e716ebe1e52e29d884f086a485af24e78a4526 256416 cups-common_2.4.2-3+deb12u8_all.deb 3d26ef715a4a6365dbda52bbc313613fb415a090 413240 cups-server-common_2.4.2-3+deb12u8_all.deb 91f4c26f96ee77a1fce9b7efd4a3487404866cb1 7810 cups_2.4.2-3+deb12u8_all-buildd.buildinfo Checksums-Sha256: c7afe157c700fdbcb2373fc41ed0471084a5e13d57e6417ff837d9dbd2c315bc 256416 cups-common_2.4.2-3+deb12u8_all.deb ce50839631e5e71fce6367b2e617f8f2e325c524af3942a7fbdd4dd3b45c7e4b 413240 cups-server-common_2.4.2-3+deb12u8_all.deb b59f701e3216958b03586d3395c4b58c81d3ca56f60f338e62f1679925f3b21c 7810 cups_2.4.2-3+deb12u8_all-buildd.buildinfo Files: 30207ae5f22be2d5d883122d0276f9fb 256416 net optional cups-common_2.4.2-3+deb12u8_all.deb 55ed9cc427a842e2058fa8d4611c4865 413240 net optional cups-server-common_2.4.2-3+deb12u8_all.deb 80ea00b64046ff73469a1ad93b6c1d3d 7810 net optional cups_2.4.2-3+deb12u8_all-buildd.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEQsM0t1ygJv2xcx3e4cagXJhOTXsFAmb4HhQACgkQ4cagXJhO TXu56xAAnaern7/x3QrImdlDP5TlQ/5Nyp4TEpUVH0EqqTPgW+7kUMs+zWY3rRpO qenfndar18gdYqxKH03lr4ZT9YWOgYE958O5ASuzKHHs8UgQ0+1YxKQugHUhUmOu yB64iipXNKErZSpbtxTMUguT50/RPbALoMPbyBw7AhMm31NizE5MYgNzMkmgBbta tcM23FmTfMUXUwDv98i9Q5l1oYgPtfrmfHkGY7gdTqCmuKThiC7HBoVlKzoLt1DQ CzADmpa/B7EgU4etFK/Tbj2vRqYXmEhA2wOFd5DCYw/kmJ89m/91dOdPqoP9Ze6H Eu4lq37X1OiHL/H3AOoko7FB089+Zci//hKuMMU8NcIrAIRnH3PKspG7s3+2gQLM GnK3GIEN/D6Al2hF3A0ZJySvFVb7LNURYOLy1Te1VsXYn19p5Lj5g5XmMuLKNiGS rogF7OCBSRPPTrIVekrtozIgx3n7GKSB9ikMg9F0CAXDecHv7vL1WCNeD6TGbex4 RFZOqZsqnayCg4vV3hH/dVZ/xEMTntqMIu747x4aQb/9IL2GxxZ9e8ZAgtuYpJlY dsbwcKsmZxH5sjfuQh4woySgf1fO8IEAoYEsunIStvaNiKpF4qNTnclKnW1YhT4n h7nzAvwcqoyEp2h8uZiFuNcd/Vyapedfz5AzEx+sp5xblLD+ORw= =BMuq -----END PGP SIGNATURE-----