[SECURITY] [DSA 5998-1] cups security update

To: debian-security-announce@lists.debian.org
Subject: [SECURITY] [DSA 5998-1] cups security update
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Thu, 11 Sep 2025 19:03:54 +0000
Message-id: <[🔎] E1uwmaI-00GRkw-0C@seger.debian.org>
Reply-to: debian-security-announce-request@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5998-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
September 11, 2025                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : cups
CVE ID         : CVE-2025-58060 CVE-2025-58364

Two vulnerabilities were discovered in cups, the Common UNIX Printing
System, which may result in authentication bypass with AuthType
Negotiate or in denial of service (daemon crash).

For the oldstable distribution (bookworm), these problems have been fixed
in version 2.4.2-3+deb12u9.

For the stable distribution (trixie), these problems have been fixed in
version 2.4.10-3+deb13u1.

We recommend that you upgrade your cups packages.

For the detailed security status of cups please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/cups

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmjDHOlfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0TEZw//aazXKQUzKE3vqQXkHmmB5KU3TqQQhAijuAiD7srFkyv2CSYHBFR4WO9k
vNAInSx09OVgu+zoCrO+GkZMbSShUGD8H7nG3aePsvXeOw1MABeH15Ggq7EKSSXN
bodzhTuVUzycRvwHd6nN3IYzcVI5SPreOwCjjwGnGSUEkacL1SksNkZB9QMvnPjY
RO1087BM0SJ6siDiPphX23INvuRSTqaN/xJ1t7CL0eLjY5zzo/x68xpkAULLxMXW
WKIt0shwullaeLoqMzbXlMSN6+6KqZq7tJmaZ0GQvSyKU1iGbp84MWI1JeETGoo3
M9nVvA1sE9keSev4f+W20GJ1e2FrXZUIiJ4g8dOXyPU0tNXetju6MGETrd7CSoUe
YngzAvHA+6HAB/vFA5kiokZJM238CigHJtfsSA45CwbMM6qfB2ejx+w6UhSDrStn
VLXMendMHK4LPqF3T+xRcCeiY45D/IbB0IAuQjPB+daXkPtZZkgzjZ4I2wPII9KL
vYlrhCFGady8W1jOnJXUhCRmxDYGk25nVXJaPsUBeM9CeFSllRcVyRLR+fzWRL2k
BED9ORGFKUbb1Bm1ACyy6Wo0SP7sHDzakVzHn0gVw3XAthpW0eTe+FPyZtQ3nbZq
31riyQJszyqhkCt8XUkG4MrzsNHLxdb+gUIoXpXbIKR2yF2S4FU=
=I7K8
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DSA 5997-1] imagemagick security update
Next by Date: [SECURITY] [DSA 5999-1] libjson-xs-perl security update
Previous by thread: [SECURITY] [DSA 5997-1] imagemagick security update
Next by thread: [SECURITY] [DSA 5999-1] libjson-xs-perl security update
Index(es):
- Date
- Thread