Early Access — Mondoo Vulnerability Intelligence is currently in preview.

SUSE-SU-2024:3570-1 | Mondoo Vulnerability Intelligence

SUSE-SU-2024:3570-1

UNKNOWN

Security update for cups-filters

Published Oct 9, 2024

Modified 1 years ago

Fix available

Details

This update for cups-filters fixes the following issues:

CVE-2024-47176: cups-browsed binds on UDP port 631 and trusts packets that try to trigger a Get-Printer-Attributes IPP request. (bsc#1230939)
CVE-2024-47850: cups-browsed can be abused to initiate remote DDoS against third-party targets (bsc#1231294)

The fix is disabling the CUPS protocol in cups-browsed.

Affected Packages

SUSE:Linux Enterprise Server 12 SP5cups-filters

Fixed in:

1.0.58-19.26.1

SUSE:Linux Enterprise Server 12 SP5cups-filters-cups-browsed

Fixed in:

1.0.58-19.26.1

SUSE:Linux Enterprise Server 12 SP5cups-filters-foomatic-rip

Fixed in:

1.0.58-19.26.1

SUSE:Linux Enterprise Server 12 SP5cups-filters-ghostscript

Fixed in:

1.0.58-19.26.1

SUSE:Linux Enterprise Server 12 SP5libpoppler-glib8

Fixed in:

0.43.0-16.49.1

SUSE:Linux Enterprise Server 12 SP5libpoppler-qt4-4

Fixed in:

0.43.0-16.49.1

SUSE:Linux Enterprise Server 12 SP5libpoppler60

Fixed in:

0.43.0-16.49.1

SUSE:Linux Enterprise Server 12 SP5poppler

Fixed in:

0.43.0-16.49.1

SUSE:Linux Enterprise Server 12 SP5poppler-qt

Fixed in:

0.43.0-16.49.1

SUSE:Linux Enterprise Server 12 SP5poppler-tools

Fixed in:

0.43.0-16.49.1

SUSE:Linux Enterprise Server for SAP Applications 12 SP5cups-filters

Fixed in:

1.0.58-19.26.1

SUSE:Linux Enterprise Server for SAP Applications 12 SP5cups-filters-cups-browsed

Fixed in:

1.0.58-19.26.1

SUSE:Linux Enterprise Server for SAP Applications 12 SP5cups-filters-foomatic-rip

Fixed in:

1.0.58-19.26.1

SUSE:Linux Enterprise Server for SAP Applications 12 SP5cups-filters-ghostscript

Fixed in:

1.0.58-19.26.1

SUSE:Linux Enterprise Server for SAP Applications 12 SP5libpoppler-glib8

Fixed in:

0.43.0-16.49.1

SUSE:Linux Enterprise Server for SAP Applications 12 SP5libpoppler-qt4-4

Fixed in:

0.43.0-16.49.1

SUSE:Linux Enterprise Server for SAP Applications 12 SP5libpoppler60

Fixed in:

0.43.0-16.49.1

SUSE:Linux Enterprise Server for SAP Applications 12 SP5poppler

Fixed in:

0.43.0-16.49.1

SUSE:Linux Enterprise Server for SAP Applications 12 SP5poppler-qt

Fixed in:

0.43.0-16.49.1

SUSE:Linux Enterprise Server for SAP Applications 12 SP5poppler-tools

Fixed in:

0.43.0-16.49.1

SUSE:Linux Enterprise Software Development Kit 12 SP5libpoppler-cpp0

Fixed in:

0.43.0-16.49.1

SUSE:Linux Enterprise Software Development Kit 12 SP5libpoppler-devel

Fixed in:

0.43.0-16.49.1

SUSE:Linux Enterprise Software Development Kit 12 SP5libpoppler-glib-devel

Fixed in:

0.43.0-16.49.1

SUSE:Linux Enterprise Software Development Kit 12 SP5libpoppler-qt4-devel

Fixed in:

0.43.0-16.49.1

SUSE:Linux Enterprise Software Development Kit 12 SP5poppler

Fixed in:

0.43.0-16.49.1

SUSE:Linux Enterprise Software Development Kit 12 SP5poppler-qt

Fixed in:

0.43.0-16.49.1

SUSE:Linux Enterprise Software Development Kit 12 SP5typelib-1_0-Poppler-0_18

Fixed in:

0.43.0-16.49.1

Timeline

PublishedOct 9, 2024

ModifiedOct 9, 2024

SUSE-SU-2024:3570-1

Details

Affected Packages

References

Upstream

Related

Ecosystems

Timeline