-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 26 Sep 2024 23:45:05 +0200 Source: cups Architecture: source Version: 2.4.2-3+deb12u8 Distribution: bookworm-security Urgency: high Maintainer: Debian Printing Team <debian-printing@lists.debian.org> Changed-By: Thorsten Alteholz <debian@alteholz.de> Changes: cups (2.4.2-3+deb12u8) bookworm-security; urgency=high . * CVE-2024-47175 Fix CVE and upstream also added some extra hardening to patch - validate URIs, attribute names, and capabilities in cups/ppd-cache.c, scheduler/ipp.c - sanitize make and model in cups/ppd-cache.c - PPDize preset and template names in cups/ppd-cache.c - quote PPD localized strings in cups/ppd-cache.c - fix warnings in cups/ppd-cache.c Checksums-Sha1: 265107cf3c5fad19d808354c83aca432d8163651 3389 cups_2.4.2-3+deb12u8.dsc 45055a7acb8da7cf743b6c572a601418a89f994f 8128785 cups_2.4.2.orig.tar.gz 96713b90c9bb51b3f69ccc4e49913a7781d3ffe5 228 cups_2.4.2.orig.tar.gz.asc 271859b22498c16b0245a7c7bd2b3c6f71210ca1 390072 cups_2.4.2-3+deb12u8.debian.tar.xz 587b4ddb7710e8febcf15c02b3a54f3a7055947d 7714 cups_2.4.2-3+deb12u8_source.buildinfo Checksums-Sha256: 526c48402f1410ae55dccc0dd6e6ebe654d15e877829ea0e2b8aece7a20c56b7 3389 cups_2.4.2-3+deb12u8.dsc f03ccb40b087d1e30940a40e0141dcbba263f39974c20eb9f2521066c9c6c908 8128785 cups_2.4.2.orig.tar.gz 1c116a5fb52e013f4569c3e4cb09a9934ea5e498b9e9d3b823bc2ae09066555b 228 cups_2.4.2.orig.tar.gz.asc e66c4a352a0b89665a8506019f37bfe36a9d032c95c6dad41206ae908404ff9e 390072 cups_2.4.2-3+deb12u8.debian.tar.xz 23c4a1d7d62e18745a769267a96e190b481b2130dd18366b6d962e0797ddf143 7714 cups_2.4.2-3+deb12u8_source.buildinfo Files: 181be255a81e9bca368b1b623e30deeb 3389 net optional cups_2.4.2-3+deb12u8.dsc be5241e2c165eeb83b58aa32de26fb16 8128785 net optional cups_2.4.2.orig.tar.gz eb60d5853f5988a4a91e3db1203fe508 228 net optional cups_2.4.2.orig.tar.gz.asc 2d99e2c9dea93c3978c78b2762909463 390072 net optional cups_2.4.2-3+deb12u8.debian.tar.xz bef18ae5ae399beadec972931c5436a5 7714 net optional cups_2.4.2-3+deb12u8_source.buildinfo -----BEGIN PGP SIGNATURE----- iQKnBAEBCgCRFiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmb4GQtfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcTHGRlYmlhbkBh bHRlaG9sei5kZQAKCRCW/KwNOHtYRxJgEADBjurXZ0n2P1LNUTAmc3cuscgsIJzU S0zWzwsE8AnXHHFdLlifi++kQcZ8Lv3bWWcFAA7yU1b/J6cVNbwgjk6rGQhMpWeZ ZpWiay0HIltdC9qNUmEHuK+X1adFIrWC7HHQcE0rwnboeTPq1jnTqZbLr6wAYFy+ X7JA01n2nCU3IfRXqXNNj8ZSF4xWSyhy6RdD4ip1Bm/tW7SE0Q0SVcGIP0DCI1Oz dWVeUw+t5Ck2WFNzlvirRLLOOM8tvvJ8KVCKd3WCk8IESdDSLLsOfTV5SY+QJ/yr VW4v529/czbt5xPXtudgjoUpqoakCXyPjiwrvA6tCVllLXVbIbo9cKNIvr5rUrOP 2MQyzg4yfox/V2sckS08U5/1M/+pTM0+LfZITL3XmOVHKm4kGVJRdtw2GVbvexOA 4SrJBFATlOKM6VAaAuMXidVU1Va+1a84NAtTWi820XgpDfZniXm1WkGxFmg2/AZh 36V+bou+B0CZ7OTPzEdOs+2u9xwUhCZFIvOEzY+PO4FM0w3ucb7L3zyn+Bz0ITQF huQN0ztvh9R+b3S03mnW3kzr/vKOc9kOccGPxyF8OajuFdVz07sSC8xJTmvOQpI3 t0uQ3LnwmdQ+g9wy2WWXbbuYfQvU/jlr9kcVIS2KU1nGxA6ilyfmUuA++9oBgojL dm9uvjbjvXp6fA== =WzPq -----END PGP SIGNATURE-----