CLSA-2026-1779436377 cups: Fix of CVE-2026-27447

CVE-2026-27447: fix authorization bypass in cupsd by replacing case-insensitive username comparisons with byte-exact strcmp against pw-pwname; also include upstream follow-up commit 849fba7d "Fix unauthenticated print policies", Issue 1557 to restore behavior for CUPSDAUTHNONE policies with named...

SUSE-SU-2026:20229-1 Security update for cups

This update for cups fixes the following issues: Update to version 2.4.16. Security issues fixed: - CVE-2025-61915: local denial-of-service via cupsd.conf update and related issues bsc1253783. - CVE-2025-58436: slow client communication leads to a possible DoS attack bsc1244057. - CVE-2025-58364:...

CLSA-2025-1762544838 cups: Fix of CVE-2024-35235

CVE-2024-35235: patch arbitrary chmod vulnerability in cupsd process when starting server with symbolic link Listen configuration item...

DEBIAN-CVE-2023-4504

Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023...

SUSE CVE-2023-4504

Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023...

CLSA-2022-1655840189 Fixed CVE-2022-26691 in cups

CVE-2022-26691: Fix authorization bypass when using "local" authorization...