[ubuntu/plucky-updates] cups 2.4.12-0ubuntu1.6 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Thu Dec 4 19:29:29 UTC 2025
cups (2.4.12-0ubuntu1.6) plucky-security; urgency=medium
* SECURITY UPDATE: Slow client communication leads to a possible DoS
attack
- debian/patches/CVE-2025-58436-1.patch: fix unresponsive cupsd process
caused by a slow client in cups/http-private.h, cups/http.c,
cups/tls-openssl.c, scheduler/client.c, scheduler/client.h,
scheduler/select.c.
- debian/patches/CVE-2025-58436-2.patch: fix an infinite loop issue in
GTK+ in cups/http.c.
- CVE-2025-58436
* SECURITY REGRESSION: issue with invalid configuration (LP: #2133207)
- debian/patches/lp2133207.patch: fix stopping scheduler on unknown
directive in scheduler/conf.c.
Date: 2025-12-04 12:25:13.128372+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/cups/2.4.12-0ubuntu1.6
-------------- next part --------------
Sorry, changesfile not available.
More information about the plucky-changes
mailing list