ELA-860-1 cups security update

buffer overflow might cause DoS

2023-06-01
Packagecups
Version1.7.5-11+deb8u10 (jessie), 2.2.1-8+deb9u9 (stretch)
Related CVEs CVE-2023-32324


An issue has been found in cups, the Common UNIX Printing System. Due to a buffer overflow vulnerability in the function format_log_line() a remote attackers could cause a denial-of-service(DoS). The vulnerability can be triggered when the configuration file cupsd.conf sets the value of “loglevel” to “DEBUG”.



For Debian 8 jessie, these problems have been fixed in version 1.7.5-11+deb8u10.

For Debian 9 stretch, these problems have been fixed in version 2.2.1-8+deb9u9.

We recommend that you upgrade your cups packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.