Changeset 23dd524 for pst/printing/cups-browsed.xml

Timestamp:

10/09/2024 08:21:04 PM (3 days ago)

Author:

Douglas R. Reno <renodr@…>

Branches:

trunk

Children:

657c8a0

Parents:

1f7aca6

Message:

Fix a chain of remote code execution vulnerabilities in CUPS (#20456).

These include the following CVE numbers:

• CVE-2024-47176
• CVE-2024-47076
• CVE-2024-47175
• CVE-2024-47177
• CVE-2024-47850

File:

• pst/printing/cups-browsed.xml (modified) (1 diff)

pst/printing/cups-browsed.xml

@@ -94 +94 @@
   <sect2 role="installation">
     <title>Installation of cups-browsed</title>
+
+    <para>
+      First, fix a security vulnerability that can be allow for remote code
+      execution:
+      <!-- Mitigates the issue by removing the affected support like other
+      distros are doing -->
+    </para>
+
+<screen><userinput remap="pre">sed -i '188 s/dnssd cups/dnssd/' configure.ac &amp;&amp;
+autoreconf -fiv</userinput></screen>
 
     <para>