-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5407-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso May 21, 2023 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : cups-filters CVE ID : CVE-2023-24805 Debian Bug : 1036224 It was discovered that missing input sanitising in cups-filters, when using the Backend Error Handler (beh) backend to create an accessible network printer, may result in the execution of arbitrary commands. For the stable distribution (bullseye), this problem has been fixed in version 1.28.7-1+deb11u2. We recommend that you upgrade your cups-filters packages. For the detailed security status of cups-filters please refer to its security tracker page at: https://security-tracker.debian.org/tracker/cups-filters Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmRqIcNfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0Q/TQ//eDHbekYkCVNTzg+F+bWhG/PboO6n5Xs2eQCrYmObK4DEXx/lUvpIh77u H5EHwMcJaYQpoaDoxJH6ETtGZ+PHsHcf9hjcg3GWhWt1tQ93UIgW3o0y/piyfTyS OIsNv2lk1F7FMvfUOYS/xHxbRdNPKYcEUUqcMJT4Lmj7RS0LpOWpiisxS8BwgUYi AL9ZtyOZTx6R/TXIWkAlR/KW+5OWyRC8SnYaesr2nkTabnwfuDs2RRLj0mUNIKd5 Buj2NsRoEQ1diugBM2/3XHPJaeoCgZeoh2JzZ2V84JRbSxyNVJNJJh+Ot4ONO/Y8 7PrXH7HQPgAyhikKyfgs0OTisHPC32Ezds8lB96eBE7yuy8Oi09vu1WtvQgm9xAd 3sCNgb/PMx8ONTwxLkSfb4tElcNPcjYpMzXJmKIBr4AE8vs3SY2oGyEfeBdj8v2o M62HFxHlPvc2+9KSIh5TLWTvr0Qkpn0etwp7wO+e1M8dCswIQRyimwg6Rfduxi0+ Yr9Fw+vWwh/c9JAg3SdNerGPNB7IWXCQ11+qWk3ai36wqsxMwZC81kTWeFRzaFEl 5xeMWkeCpi91CZr1LM3RKj7UySMLwI/m2BLGEvz11jVZUSW3xu/2UOTD1q1vSr9g Twj2cg6u1RQDzitAqZbxe1aXxwrbnlCTxtnriBD7iqTvb0yQ20A=upCN -----END PGP SIGNATURE-----