Описание
ELSA-2025-15702: cups security update (IMPORTANT)
[1:2.2.6-63]
- RHEL-112424 CVE-2025-58060 cups: Authentication Bypass in CUPS Authorization Handling
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
cups
2.2.6-63.el8_10
cups-client
2.2.6-63.el8_10
cups-devel
2.2.6-63.el8_10
cups-filesystem
2.2.6-63.el8_10
cups-ipptool
2.2.6-63.el8_10
cups-libs
2.2.6-63.el8_10
cups-lpd
2.2.6-63.el8_10
Oracle Linux x86_64
cups
2.2.6-63.el8_10
cups-client
2.2.6-63.el8_10
cups-devel
2.2.6-63.el8_10
cups-filesystem
2.2.6-63.el8_10
cups-ipptool
2.2.6-63.el8_10
cups-libs
2.2.6-63.el8_10
cups-lpd
2.2.6-63.el8_10
Связанные CVE
Связанные уязвимости
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, when the `AuthType` is set to anything but `Basic`, if the request contains an `Authorization: Basic ...` header, the password is not checked. This results in authentication bypass. Any configuration that allows an `AuthType` that is not `Basic` is affected. Version 2.4.13 fixes the issue.
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, when the `AuthType` is set to anything but `Basic`, if the request contains an `Authorization: Basic ...` header, the password is not checked. This results in authentication bypass. Any configuration that allows an `AuthType` that is not `Basic` is affected. Version 2.4.13 fixes the issue.
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, when the `AuthType` is set to anything but `Basic`, if the request contains an `Authorization: Basic ...` header, the password is not checked. This results in authentication bypass. Any configuration that allows an `AuthType` that is not `Basic` is affected. Version 2.4.13 fixes the issue.
cups has Authentication bypass with AuthType Negotiate
OpenPrinting CUPS is an open source printing system for Linux and othe ...