Synopsis
Important: cups-filters security update
Type/Severity
Security Advisory: Important
Red Hat Lightspeed patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for cups-filters is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The cups-filters package contains back ends, filters, and other software that was once part of the core Common UNIX Printing System (CUPS) distribution but is now maintained independently.
Security Fix(es):
- cups-browsed: cups-browsed binds on UDP INADDR_ANY:631 trusting any packet from any source ()
- cups-filters: libcupsfilters: `cfGetPrinterAttributes` API does not perform sanitization on returned IPP attributes (CVE-2024-47076)
- cups: libppd: remote command injection via attacker controlled data in PPD file ()
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
-
Red Hat Enterprise Linux for x86_64 8 x86_64
-
Red Hat Enterprise Linux for IBM z Systems 8 s390x
-
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
-
Red Hat Enterprise Linux for ARM 64 8 aarch64
-
Red Hat CodeReady Linux Builder for x86_64 8 x86_64
-
Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
-
Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
-
Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x
-
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 8.10 x86_64
-
Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 8.10 aarch64
-
Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 8.10 ppc64le
-
Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 8.10 s390x
Fixes
-
BZ - 2314252
- CVE-2024-47176 cups-browsed: cups-browsed binds on UDP INADDR_ANY:631 trusting any packet from any source
-
BZ - 2314253
- CVE-2024-47076 cups-filters: libcupsfilters: `cfGetPrinterAttributes` API does not perform sanitization on returned IPP attributes
-
BZ - 2314256
- cups: libppd: remote command injection via attacker controlled data in PPD file
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux for x86_64 8
| SRPM |
|
cups-filters-1.20.0-35.el8_10.src.rpm
|
SHA-256: 6acdfcf52f02c8aa36d81763209be68ebf5c0025f27919757369f77b9b8627dc |
| x86_64 |
|
cups-filters-1.20.0-35.el8_10.x86_64.rpm
|
SHA-256: 855def27bdbd1f504c4f88f3f8203bebf222334e1a82c1c61f3762ce502e3680 |
|
cups-filters-debuginfo-1.20.0-35.el8_10.i686.rpm
|
SHA-256: 01ffe5856a08a01a847b834ea67ee7545698be1f738474d8b6741eb6569163f7 |
|
cups-filters-debuginfo-1.20.0-35.el8_10.x86_64.rpm
|
SHA-256: a82f4e8704349315e21b5bd3494aeed864728e8283621cc3fa085b73dafe9e4d |
|
cups-filters-debugsource-1.20.0-35.el8_10.i686.rpm
|
SHA-256: bfa3f796439219710e5f8b7ec1bd465a7c817d02f0cd2aa07192fa0f5e4d96bf |
|
cups-filters-debugsource-1.20.0-35.el8_10.x86_64.rpm
|
SHA-256: 971150f687dffe97686594ba1a1e877e00cf8c6cf7c56312ce7e733b880436bc |
|
cups-filters-libs-1.20.0-35.el8_10.i686.rpm
|
SHA-256: 01fe4ea9bfa9f944b1d18c3b2b4d5001c3d8526c4f1ef5a9dd05120d796ccde4 |
|
cups-filters-libs-1.20.0-35.el8_10.x86_64.rpm
|
SHA-256: 13a6bee4dc72113139aa0c53dd40fdda8c218e57eacc9910be4e0331d05bd903 |
|
cups-filters-libs-debuginfo-1.20.0-35.el8_10.i686.rpm
|
SHA-256: bacb6d20dc21f7059855ebb4cd469af4a18a16bbbbd996eb5b856b13e23388ea |
|
cups-filters-libs-debuginfo-1.20.0-35.el8_10.x86_64.rpm
|
SHA-256: 79467a24676cad6c86b270091e791ae19d5b2b080e8e6d9bec88ab712c6404a2 |
Red Hat Enterprise Linux for IBM z Systems 8
| SRPM |
|
cups-filters-1.20.0-35.el8_10.src.rpm
|
SHA-256: 6acdfcf52f02c8aa36d81763209be68ebf5c0025f27919757369f77b9b8627dc |
| s390x |
|
cups-filters-1.20.0-35.el8_10.s390x.rpm
|
SHA-256: 3aa7c252d527795659248497744900896fd28846f14142042bb164d33a3aa401 |
|
cups-filters-debuginfo-1.20.0-35.el8_10.s390x.rpm
|
SHA-256: 6dfc8efb5282d2391cb21c4ad7150613d1bd572b4c0ececdbb33e0ad812e174f |
|
cups-filters-debugsource-1.20.0-35.el8_10.s390x.rpm
|
SHA-256: 4db71335bc8b7a4ed8520126b0259cea67785f8f6493fcb29af5868987e3cf3e |
|
cups-filters-libs-1.20.0-35.el8_10.s390x.rpm
|
SHA-256: 38012cfad0e13165fe497b9ea91a2e3bc5d4d304345792361a8cfd0ef7eda80c |
|
cups-filters-libs-debuginfo-1.20.0-35.el8_10.s390x.rpm
|
SHA-256: a82228e56799a896d3132559a12cecdca0ec59f86f01f98d5f9cfb8abec782b1 |
Red Hat Enterprise Linux for Power, little endian 8
| SRPM |
|
cups-filters-1.20.0-35.el8_10.src.rpm
|
SHA-256: 6acdfcf52f02c8aa36d81763209be68ebf5c0025f27919757369f77b9b8627dc |
| ppc64le |
|
cups-filters-1.20.0-35.el8_10.ppc64le.rpm
|
SHA-256: 21ca82210e8b1bd43656ef3266dee840fed164a09ea4d83b39be05e85eec611e |
|
cups-filters-debuginfo-1.20.0-35.el8_10.ppc64le.rpm
|
SHA-256: c4a3d236cb82357ebb0d974d9131d3d8b459d489c4e1bd55fe4e4b4c0fcb2e8c |
|
cups-filters-debugsource-1.20.0-35.el8_10.ppc64le.rpm
|
SHA-256: b26866714f3ee620f9e0ade31d0a58ae5c7d9e778abf1b2da353f8e3e9bc6506 |
|
cups-filters-libs-1.20.0-35.el8_10.ppc64le.rpm
|
SHA-256: f943ae66f555e1cb864cf3c841529cbb8f37fd707654d3a2379036d14be93c0e |
|
cups-filters-libs-debuginfo-1.20.0-35.el8_10.ppc64le.rpm
|
SHA-256: 1bcd9e6bcd8fdc528d7573d8c387046e74921ca792f870cc53be875b4fbf655f |
Red Hat Enterprise Linux for ARM 64 8
| SRPM |
|
cups-filters-1.20.0-35.el8_10.src.rpm
|
SHA-256: 6acdfcf52f02c8aa36d81763209be68ebf5c0025f27919757369f77b9b8627dc |
| aarch64 |
|
cups-filters-1.20.0-35.el8_10.aarch64.rpm
|
SHA-256: f7cfa26195636909f7a0ba1fdaae1a866d65009104368d6c889185d9e975a3b8 |
|
cups-filters-debuginfo-1.20.0-35.el8_10.aarch64.rpm
|
SHA-256: 4ec1010070f8770cacc10aacbe21f947528d8379a4e006e9274d3ae1fe11223d |
|
cups-filters-debugsource-1.20.0-35.el8_10.aarch64.rpm
|
SHA-256: 93bde88627684a21f85d0b8e5aae250033cc05bb063ede5930d4d3181d8993d5 |
|
cups-filters-libs-1.20.0-35.el8_10.aarch64.rpm
|
SHA-256: 8ca10ec17d263afb2843d6612837d2ce67f7597125b84967c8defab085115d7d |
|
cups-filters-libs-debuginfo-1.20.0-35.el8_10.aarch64.rpm
|
SHA-256: 6fc9cf8733f82228e0f787d9fc8e653aa3625e406a1a54226eeb4ce338e72cf0 |
Red Hat CodeReady Linux Builder for x86_64 8
| SRPM |
| x86_64 |
|
cups-filters-debuginfo-1.20.0-35.el8_10.i686.rpm
|
SHA-256: 01ffe5856a08a01a847b834ea67ee7545698be1f738474d8b6741eb6569163f7 |
|
cups-filters-debuginfo-1.20.0-35.el8_10.x86_64.rpm
|
SHA-256: a82f4e8704349315e21b5bd3494aeed864728e8283621cc3fa085b73dafe9e4d |
|
cups-filters-debugsource-1.20.0-35.el8_10.i686.rpm
|
SHA-256: bfa3f796439219710e5f8b7ec1bd465a7c817d02f0cd2aa07192fa0f5e4d96bf |
|
cups-filters-debugsource-1.20.0-35.el8_10.x86_64.rpm
|
SHA-256: 971150f687dffe97686594ba1a1e877e00cf8c6cf7c56312ce7e733b880436bc |
|
cups-filters-devel-1.20.0-35.el8_10.i686.rpm
|
SHA-256: 0539b1ce154b591f0e969ca0cd49f81f4d77d8e5b41cb2a9041978bd46c96565 |
|
cups-filters-devel-1.20.0-35.el8_10.x86_64.rpm
|
SHA-256: 7935325eee42d8353712763dde8fa68f47c8965debe4b367b41c2c8cbc4049f1 |
|
cups-filters-libs-debuginfo-1.20.0-35.el8_10.i686.rpm
|
SHA-256: bacb6d20dc21f7059855ebb4cd469af4a18a16bbbbd996eb5b856b13e23388ea |
|
cups-filters-libs-debuginfo-1.20.0-35.el8_10.x86_64.rpm
|
SHA-256: 79467a24676cad6c86b270091e791ae19d5b2b080e8e6d9bec88ab712c6404a2 |
Red Hat CodeReady Linux Builder for Power, little endian 8
| SRPM |
| ppc64le |
|
cups-filters-debuginfo-1.20.0-35.el8_10.ppc64le.rpm
|
SHA-256: c4a3d236cb82357ebb0d974d9131d3d8b459d489c4e1bd55fe4e4b4c0fcb2e8c |
|
cups-filters-debugsource-1.20.0-35.el8_10.ppc64le.rpm
|
SHA-256: b26866714f3ee620f9e0ade31d0a58ae5c7d9e778abf1b2da353f8e3e9bc6506 |
|
cups-filters-devel-1.20.0-35.el8_10.ppc64le.rpm
|
SHA-256: 03237e9e336d68ff81d97cdd8b013571df799a97ee9ca720556d2731051e5e62 |
|
cups-filters-libs-debuginfo-1.20.0-35.el8_10.ppc64le.rpm
|
SHA-256: 1bcd9e6bcd8fdc528d7573d8c387046e74921ca792f870cc53be875b4fbf655f |
Red Hat CodeReady Linux Builder for ARM 64 8
| SRPM |
| aarch64 |
|
cups-filters-debuginfo-1.20.0-35.el8_10.aarch64.rpm
|
SHA-256: 4ec1010070f8770cacc10aacbe21f947528d8379a4e006e9274d3ae1fe11223d |
|
cups-filters-debugsource-1.20.0-35.el8_10.aarch64.rpm
|
SHA-256: 93bde88627684a21f85d0b8e5aae250033cc05bb063ede5930d4d3181d8993d5 |
|
cups-filters-devel-1.20.0-35.el8_10.aarch64.rpm
|
SHA-256: 50059d967932ba1159c7d6c54dd2ce412f9870002720b43ec3b95d2d7e5be15b |
|
cups-filters-libs-debuginfo-1.20.0-35.el8_10.aarch64.rpm
|
SHA-256: 6fc9cf8733f82228e0f787d9fc8e653aa3625e406a1a54226eeb4ce338e72cf0 |
Red Hat CodeReady Linux Builder for IBM z Systems 8
| SRPM |
| s390x |
|
cups-filters-debuginfo-1.20.0-35.el8_10.s390x.rpm
|
SHA-256: 6dfc8efb5282d2391cb21c4ad7150613d1bd572b4c0ececdbb33e0ad812e174f |
|
cups-filters-debugsource-1.20.0-35.el8_10.s390x.rpm
|
SHA-256: 4db71335bc8b7a4ed8520126b0259cea67785f8f6493fcb29af5868987e3cf3e |
|
cups-filters-devel-1.20.0-35.el8_10.s390x.rpm
|
SHA-256: 1df5c2963624bec3f64793928bf8ab25ffc98518841e155252da0e61300c6757 |
|
cups-filters-libs-debuginfo-1.20.0-35.el8_10.s390x.rpm
|
SHA-256: a82228e56799a896d3132559a12cecdca0ec59f86f01f98d5f9cfb8abec782b1 |
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 8.10
| SRPM |
|
cups-filters-1.20.0-35.el8_10.src.rpm
|
SHA-256: 6acdfcf52f02c8aa36d81763209be68ebf5c0025f27919757369f77b9b8627dc |
| x86_64 |
|
cups-filters-1.20.0-35.el8_10.x86_64.rpm
|
SHA-256: 855def27bdbd1f504c4f88f3f8203bebf222334e1a82c1c61f3762ce502e3680 |
|
cups-filters-debuginfo-1.20.0-35.el8_10.i686.rpm
|
SHA-256: 01ffe5856a08a01a847b834ea67ee7545698be1f738474d8b6741eb6569163f7 |
|
cups-filters-debuginfo-1.20.0-35.el8_10.x86_64.rpm
|
SHA-256: a82f4e8704349315e21b5bd3494aeed864728e8283621cc3fa085b73dafe9e4d |
|
cups-filters-debugsource-1.20.0-35.el8_10.i686.rpm
|
SHA-256: bfa3f796439219710e5f8b7ec1bd465a7c817d02f0cd2aa07192fa0f5e4d96bf |
|
cups-filters-debugsource-1.20.0-35.el8_10.x86_64.rpm
|
SHA-256: 971150f687dffe97686594ba1a1e877e00cf8c6cf7c56312ce7e733b880436bc |
|
cups-filters-libs-1.20.0-35.el8_10.i686.rpm
|
SHA-256: 01fe4ea9bfa9f944b1d18c3b2b4d5001c3d8526c4f1ef5a9dd05120d796ccde4 |
|
cups-filters-libs-1.20.0-35.el8_10.x86_64.rpm
|
SHA-256: 13a6bee4dc72113139aa0c53dd40fdda8c218e57eacc9910be4e0331d05bd903 |
|
cups-filters-libs-debuginfo-1.20.0-35.el8_10.i686.rpm
|
SHA-256: bacb6d20dc21f7059855ebb4cd469af4a18a16bbbbd996eb5b856b13e23388ea |
|
cups-filters-libs-debuginfo-1.20.0-35.el8_10.x86_64.rpm
|
SHA-256: 79467a24676cad6c86b270091e791ae19d5b2b080e8e6d9bec88ab712c6404a2 |
Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 8.10
| SRPM |
|
cups-filters-1.20.0-35.el8_10.src.rpm
|
SHA-256: 6acdfcf52f02c8aa36d81763209be68ebf5c0025f27919757369f77b9b8627dc |
| aarch64 |
|
cups-filters-1.20.0-35.el8_10.aarch64.rpm
|
SHA-256: f7cfa26195636909f7a0ba1fdaae1a866d65009104368d6c889185d9e975a3b8 |
|
cups-filters-debuginfo-1.20.0-35.el8_10.aarch64.rpm
|
SHA-256: 4ec1010070f8770cacc10aacbe21f947528d8379a4e006e9274d3ae1fe11223d |
|
cups-filters-debugsource-1.20.0-35.el8_10.aarch64.rpm
|
SHA-256: 93bde88627684a21f85d0b8e5aae250033cc05bb063ede5930d4d3181d8993d5 |
|
cups-filters-libs-1.20.0-35.el8_10.aarch64.rpm
|
SHA-256: 8ca10ec17d263afb2843d6612837d2ce67f7597125b84967c8defab085115d7d |
|
cups-filters-libs-debuginfo-1.20.0-35.el8_10.aarch64.rpm
|
SHA-256: 6fc9cf8733f82228e0f787d9fc8e653aa3625e406a1a54226eeb4ce338e72cf0 |
Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 8.10
| SRPM |
|
cups-filters-1.20.0-35.el8_10.src.rpm
|
SHA-256: 6acdfcf52f02c8aa36d81763209be68ebf5c0025f27919757369f77b9b8627dc |
| ppc64le |
|
cups-filters-1.20.0-35.el8_10.ppc64le.rpm
|
SHA-256: 21ca82210e8b1bd43656ef3266dee840fed164a09ea4d83b39be05e85eec611e |
|
cups-filters-debuginfo-1.20.0-35.el8_10.ppc64le.rpm
|
SHA-256: c4a3d236cb82357ebb0d974d9131d3d8b459d489c4e1bd55fe4e4b4c0fcb2e8c |
|
cups-filters-debugsource-1.20.0-35.el8_10.ppc64le.rpm
|
SHA-256: b26866714f3ee620f9e0ade31d0a58ae5c7d9e778abf1b2da353f8e3e9bc6506 |
|
cups-filters-libs-1.20.0-35.el8_10.ppc64le.rpm
|
SHA-256: f943ae66f555e1cb864cf3c841529cbb8f37fd707654d3a2379036d14be93c0e |
|
cups-filters-libs-debuginfo-1.20.0-35.el8_10.ppc64le.rpm
|
SHA-256: 1bcd9e6bcd8fdc528d7573d8c387046e74921ca792f870cc53be875b4fbf655f |
Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 8.10
| SRPM |
|
cups-filters-1.20.0-35.el8_10.src.rpm
|
SHA-256: 6acdfcf52f02c8aa36d81763209be68ebf5c0025f27919757369f77b9b8627dc |
| s390x |
|
cups-filters-1.20.0-35.el8_10.s390x.rpm
|
SHA-256: 3aa7c252d527795659248497744900896fd28846f14142042bb164d33a3aa401 |
|
cups-filters-debuginfo-1.20.0-35.el8_10.s390x.rpm
|
SHA-256: 6dfc8efb5282d2391cb21c4ad7150613d1bd572b4c0ececdbb33e0ad812e174f |
|
cups-filters-debugsource-1.20.0-35.el8_10.s390x.rpm
|
SHA-256: 4db71335bc8b7a4ed8520126b0259cea67785f8f6493fcb29af5868987e3cf3e |
|
cups-filters-libs-1.20.0-35.el8_10.s390x.rpm
|
SHA-256: 38012cfad0e13165fe497b9ea91a2e3bc5d4d304345792361a8cfd0ef7eda80c |
|
cups-filters-libs-debuginfo-1.20.0-35.el8_10.s390x.rpm
|
SHA-256: a82228e56799a896d3132559a12cecdca0ec59f86f01f98d5f9cfb8abec782b1 |
