Changeset 23dd524 for pst/printing/libppd.xml

Timestamp:

10/09/2024 08:21:04 PM (3 days ago)

Author:

Douglas R. Reno <renodr@…>

Branches:

trunk

Children:

657c8a0

Parents:

1f7aca6

Message:

Fix a chain of remote code execution vulnerabilities in CUPS (#20456).

These include the following CVE numbers:

• CVE-2024-47176
• CVE-2024-47076
• CVE-2024-47175
• CVE-2024-47177
• CVE-2024-47850

File:

• pst/printing/libppd.xml (modified) (2 diffs)

pst/printing/libppd.xml

@@ -68 +68 @@
     </itemizedlist>
 
+    <bridgehead renderas="sect3">Additional Downloads</bridgehead>
+    <itemizedlist spacing="compact">
+      <listitem>
+        <para>
+          Required patch:
+          <ulink url="&patch-root;/libppd-&libppd-version;-upstream_fixes-1.patch"/>
+        </para>
+      </listitem>
+    </itemizedlist>
+
     <bridgehead renderas="sect3">libppd Dependencies</bridgehead>
 
@@ -79 +89 @@
   <sect2 role="installation">
     <title>Installation of libppd</title>
+
+    <para>
+      First, fix a security vulnerability that could allow for remote code
+      execution:
+    </para>
+
+<screen><userinput remap="pre">patch -Np1 -i ../libppd-&libppd-version;-upstream_fixes-1.patch</userinput></screen>
 
     <para>