aosc-os-abbs icon indicating copy to clipboard operation
aosc-os-abbs copied to clipboard

Published 20 hours ago verified publisher icon AOSC-Dev

cups: security update to 2.4.2

Open CamberLoid opened this issue 2 years ago • 0 comments

CVE IDs

CVE-2022-26691

Other security advisory IDs

Debian: DSA-5149-1

Description

Joshua Mason discovered that a logic error in the validation of the secret key used in the "local" authorisation mode of the CUPS printing system may result in privilege escalation.

The vulnerability is fixed in 2.4.2 https://github.com/OpenPrinting/cups/commit/de4f8c196106033e4c372dce3e91b9d42b0b9444 and https://github.com/OpenPrinting/cups/commit/411b6136f450a583ee08c3880fa09dbe837eb3f1

Patches

N/A

PoC(s)

N/A

CamberLoid avatar Jun 02 '22 06:06 CamberLoid