FS#78673 - [cups] 1:2.4.2-7: CVE-2023-32324 heap buffer overflow in cupsd

Attached to Project: Arch Linux
Opened by Pascal Ernster (hardfalcon) - Thursday, 01 June 2023, 11:27 GMT
Last edited by Toolybird (Toolybird) - Thursday, 01 June 2023, 23:05 GMT
Task Type Bug Report
Category Security
Status Closed
Assigned To No-one
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Both a fix and a PoC have been published for CVE-2023-32324, which is a heap buffer overflow that might affect cupsd in certain configurations:

https://www.openwall.com/lists/oss-security/2023/06/01/1

The PoC did *not* work on my machine, but it's probably still better to err on the safe side and include the fix until upstream publishes a new release.

Closed by Toolybird (Toolybird)
Thursday, 01 June 2023, 23:05 GMT
Reason for closing: Fixed
Additional comments about closing: cups 1:2.4.3-1
