[SECURITY] [DSA 5779-1] cups security update

[Salvatore Bonaccorso <carnil@debian.org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5779-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
September 29, 2024                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : cups
CVE ID         : CVE-2024-47175

Simone Margaritelli reported that cups, the Common UNIX Printing System,
does not properly sanitize IPP attributes when creating PPD files, which
may result in the execution of arbitrary code.

For the stable distribution (bookworm), this problem has been fixed in
version 2.4.2-3+deb12u8.

We recommend that you upgrade your cups packages.

For the detailed security status of cups please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/cups

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmb5cQJfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0QspA//fRq1YZHhn9UlhgfupxmpK3MHf7XjBl3cttiSkw7mZA+y1CGgUEr4Jxvd
8PjkIpsN2xUuKt1Y1iLw79jOU7Vn2VOfJlUSp8ub2aT/wPHt5WnKv4/77xqS/aa+
mTa2wHQWWeDssfeF67Z1rYnPk9s6cYvXhKLyAuLTLLOWq+6NWQ6ZmuXqBzmxD7rr
OxBBU9rNZsp07AE6jvYmrpvDMYT0Lsy3GvBP/M6BAUF8iMJA38K3J6sR73Zh80TM
DOAa8Yp/Svk12kxbjuzWxgPr2sQ/Mb/lpTH+xxxPRVIm9WWUFumPn7j+FqAfIDOi
eX6/nSMd1kWbSuZyKzLXz2gpVMpU8ge3ypsT9Fa3CdZbXqW6DtrOuCRyQxBKVj0q
Ohv/qZDIv2eYtGj2wVEphtMWGe8TfW0pFaJPK/WTNdH3xcqyo/OScv0OucW02RjE
EGEjD/ErUkRorPkDmTlRIQ4W2e6lcyBYrOkFu2JGHPtnugvohQ3Xc/eEDvdABQp5
xZI20F0jl+qljMFFK36qI75eIPQnPEqVfvAG9xmoBgHS4hqIYLi4p14ZaYOci8yW
2FHlof2t3TgjH6TJFdH8sp3dGOHCTnKfB+3mq97oipjm6Xoqb8mW2Z0RygvUIS94
NFGaFzFKzAlkIssL3Y2VoC9kfrrCe2zhMJ6zRrO5JuXdWapA51E=
=6Gtg
-----END PGP SIGNATURE-----