Release date:
2026-04-24 16:18:05 UTC
Description:
* SECURITY UPDATE: filter control characters from option values in the
scheduler to prevent PPD keyword injection via Print-Job.
- debian/patches/CVE-2026-34980.patch: filter out control characters
from IPP option values in scheduler/job.c and filter out special
PPD keywords in the CUPSD_LOG_PPD branch of update_job().
- CVE-2026-34980.
Updated packages:
-
cups_2.2.10-6+deb10u10+tuxcare.els2_amd64.deb
sha:bb13118c1863bd036d7a2154e56a070e26b83a12
-
cups-bsd_2.2.10-6+deb10u10+tuxcare.els2_amd64.deb
sha:e008ea1d0497814da691df3c47cf41e7f21b7a50
-
cups-client_2.2.10-6+deb10u10+tuxcare.els2_amd64.deb
sha:eca2cb700e3edb2e063f4989c685b97112f57d68
-
cups-common_2.2.10-6+deb10u10+tuxcare.els2_all.deb
sha:c3ba2dd8e152a1718836a42e3dcbe2a0b3fb0464
-
cups-core-drivers_2.2.10-6+deb10u10+tuxcare.els2_amd64.deb
sha:f179557d237f431d4a055b77e5a1eb9ea5ff65b8
-
cups-daemon_2.2.10-6+deb10u10+tuxcare.els2_amd64.deb
sha:e8e3a9d29e1ceca338cc5e6c43270474ee77b7cc
-
cups-ipp-utils_2.2.10-6+deb10u10+tuxcare.els2_amd64.deb
sha:098dc3ec43a871514fd47c704f7b507865019eb9
-
cups-ppdc_2.2.10-6+deb10u10+tuxcare.els2_amd64.deb
sha:b3fa74cf557016150c38c4f0e218c991bf3ba5d9
-
cups-server-common_2.2.10-6+deb10u10+tuxcare.els2_all.deb
sha:a47d1abbad56b0db668713209a221556dc502397
-
libcups2_2.2.10-6+deb10u10+tuxcare.els2_amd64.deb
sha:ee42e1f93684e835e66f50bf0b59f70d5758f944
-
libcups2-dev_2.2.10-6+deb10u10+tuxcare.els2_amd64.deb
sha:aa16adbda5b7f6ca384599492198faee8958e34f
-
libcupsimage2_2.2.10-6+deb10u10+tuxcare.els2_amd64.deb
sha:0566ef7f367e963b86d27d8beb85d22db303842d
-
libcupsimage2-dev_2.2.10-6+deb10u10+tuxcare.els2_amd64.deb
sha:6ee117f21ccbc75997363f3fc4fefe00f9dfa6f6
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
