CVE-2024-47176 cups-filters: cups-browsed binds on UDP INADDR_ANY:631 trusting any packet from any source

Resolves: RHEL-60317
Zdenek Dohnal 2024-10-01 13:39:15 +02:00
parent f14097377d
commit acdd4f091b

@ -228,6 +228,7 @@ The package provides filters and cups-brf backend needed for braille printing.
%else
--disable-braille \
%endif
--with-browseremoteprotocols=none\
--with-remote-cups-local-queue-naming=RemoteName
%make_build
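Review bot: The added `--with-browseremoteprotocols=none\` has no space before the continuation backslash, unlike `--disable-braille \` just above it. The shell drops the backslash-newline pair, so this option is kept apart from `--with-remote-cups-local-queue-naming=RemoteName` only by that next line's leading indentation. Write `--with-browseremoteprotocols=none \` so the configure call does not depend on it.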
@ -281,6 +282,14 @@ do
fi
done
# Set BrowseRemoteProtocols to none in light of CVE-2024-47176
if ! grep -Fxq "# added by post scriptlet" %{_sysconfdir}/cups/cups-browsed.conf
then
cp %{_sysconfdir}/cups/cups-browsed.conf %{_sysconfdir}/cups/cups-browsed.conf.rpmsave
sed -i "s/^\s*BrowseRemoteProtocols.*/# added by post scriptlet\nBrowseRemoteProtocols none/" %{_sysconfdir}/cups/cups-browsed.conf
fi
%preun
%systemd_preun cups-browsed.service
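Review bot: In the new scriptlet block the marker `# added by post scriptlet` is written only when the `sed` expression `^\s*BrowseRemoteProtocols.*` matches, so on a cups-browsed.conf with no active BrowseRemoteProtocols line (absent or commented out) the `grep` guard is never satisfied and `cp` overwrites cups-browsed.conf.rpmsave every time the scriptlet runs. Consider writing the marker independently of the match, or appending `BrowseRemoteProtocols none` when nothing matched, and skipping the `cp` when the .rpmsave file already exists. A file with several BrowseRemoteProtocols lines also gets the marker and the directive once per match.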
@ -448,6 +457,7 @@ fi
* Tue Oct 01 2024 Zdenek Dohnal <zdohnal@redhat.com> - 1.28.7-18
- CVE-2024-47175 cups-filters: remote command injection via attacker controlled data in PPD file
- CVE-2024-47076 cups-filters: `cfGetPrinterAttributes` API does not perform sanitization on returned IPP attributes
- CVE-2024-47176 cups-filters: cups-browsed binds on UDP INADDR_ANY:631 trusting any packet from any source
* Tue Aug 06 2024 Zdenek Dohnal <zdohnal@redhat.com> - 1.28.7-17
- RHEL-46785 - fix errors during installability tests about modified cups-browsed.conf
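Review bot: The changelog line for CVE-2024-47176 repeats the CVE title but does not say what the package now does about it. Since this update rewrites an existing BrowseRemoteProtocols setting to `none` and leaves the previous file as cups-browsed.conf.rpmsave, state that in the entry so admins who rely on remote browsing know why discovery stopped, and reference RHEL-60317 the way the 1.28.7-17 entry references RHEL-46785.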