Описание
Security update for cups
This update for cups fixes the following issues:
- CVE-2023-32324: Fixed a buffer overflow in format_log_line() which could cause a denial-of-service (bsc#1211643).
Список пакетов
Image SLES12-SP5-Azure-BYOS
cups-libs-1.7.5-20.39.1
Image SLES12-SP5-Azure-Basic-On-Demand
cups-libs-1.7.5-20.39.1
Image SLES12-SP5-Azure-HPC-BYOS
cups-libs-1.7.5-20.39.1
Image SLES12-SP5-Azure-HPC-On-Demand
cups-libs-1.7.5-20.39.1
Image SLES12-SP5-Azure-SAP-BYOS
cups-libs-1.7.5-20.39.1
Image SLES12-SP5-Azure-SAP-On-Demand
cups-libs-1.7.5-20.39.1
Image SLES12-SP5-Azure-Standard-On-Demand
cups-libs-1.7.5-20.39.1
Image SLES12-SP5-EC2-BYOS
cups-libs-1.7.5-20.39.1
Image SLES12-SP5-EC2-ECS-On-Demand
cups-libs-1.7.5-20.39.1
Image SLES12-SP5-EC2-On-Demand
cups-libs-1.7.5-20.39.1
Image SLES12-SP5-EC2-SAP-BYOS
cups-libs-1.7.5-20.39.1
Image SLES12-SP5-EC2-SAP-On-Demand
cups-libs-1.7.5-20.39.1
Image SLES12-SP5-GCE-BYOS
cups-libs-1.7.5-20.39.1
Image SLES12-SP5-GCE-On-Demand
cups-libs-1.7.5-20.39.1
Image SLES12-SP5-GCE-SAP-BYOS
cups-libs-1.7.5-20.39.1
Image SLES12-SP5-GCE-SAP-On-Demand
cups-libs-1.7.5-20.39.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
cups-libs-1.7.5-20.39.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
cups-libs-1.7.5-20.39.1
SUSE Linux Enterprise Server 12 SP2-BCL
cups-1.7.5-20.39.1
cups-client-1.7.5-20.39.1
cups-libs-1.7.5-20.39.1
cups-libs-32bit-1.7.5-20.39.1
SUSE Linux Enterprise Server 12 SP4-ESPOS
cups-1.7.5-20.39.1
cups-client-1.7.5-20.39.1
cups-libs-1.7.5-20.39.1
cups-libs-32bit-1.7.5-20.39.1
SUSE Linux Enterprise Server 12 SP4-LTSS
cups-1.7.5-20.39.1
cups-client-1.7.5-20.39.1
cups-libs-1.7.5-20.39.1
cups-libs-32bit-1.7.5-20.39.1
SUSE Linux Enterprise Server 12 SP5
cups-1.7.5-20.39.1
cups-client-1.7.5-20.39.1
cups-libs-1.7.5-20.39.1
cups-libs-32bit-1.7.5-20.39.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
cups-1.7.5-20.39.1
cups-client-1.7.5-20.39.1
cups-libs-1.7.5-20.39.1
cups-libs-32bit-1.7.5-20.39.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
cups-1.7.5-20.39.1
cups-client-1.7.5-20.39.1
cups-libs-1.7.5-20.39.1
cups-libs-32bit-1.7.5-20.39.1
SUSE Linux Enterprise Software Development Kit 12 SP5
cups-ddk-1.7.5-20.39.1
cups-devel-1.7.5-20.39.1
SUSE OpenStack Cloud 9
cups-1.7.5-20.39.1
cups-client-1.7.5-20.39.1
cups-libs-1.7.5-20.39.1
cups-libs-32bit-1.7.5-20.39.1
SUSE OpenStack Cloud Crowbar 9
cups-1.7.5-20.39.1
cups-client-1.7.5-20.39.1
cups-libs-1.7.5-20.39.1
cups-libs-32bit-1.7.5-20.39.1
Ссылки
- Link for SUSE-SU-2023:2346-1
- E-Mail link for SUSE-SU-2023:2346-1
- SUSE Security Ratings
- SUSE Bug 1211643
- SUSE CVE CVE-2023-32324 page
Описание
OpenPrinting CUPS is an open source printing system. In versions 2.4.2 and prior, a heap buffer overflow vulnerability would allow a remote attacker to launch a denial of service (DoS) attack. A buffer overflow vulnerability in the function `format_log_line` could allow remote attackers to cause a DoS on the affected system. Exploitation of the vulnerability can be triggered when the configuration file `cupsd.conf` sets the value of `loglevel `to `DEBUG`. No known patches or workarounds exist at time of publication.
Затронутые продукты
Image SLES12-SP5-Azure-BYOS:cups-libs-1.7.5-20.39.1
Image SLES12-SP5-Azure-Basic-On-Demand:cups-libs-1.7.5-20.39.1
Image SLES12-SP5-Azure-HPC-BYOS:cups-libs-1.7.5-20.39.1
Image SLES12-SP5-Azure-HPC-On-Demand:cups-libs-1.7.5-20.39.1
Ссылки
- CVE-2023-32324
- SUSE Bug 1211643