Release date:
2026-04-28 16:14:42 UTC
Description:
- CVE-2026-34980: filter control characters from IPP option values and
allowlist PPD keywords returned by filters so a remote attacker cannot
inject cupsFilter/cupsFilter2 entries on a shared PostScript queue and
gain code execution as the cupsd user.
Updated packages:
-
cups-2.2.6-40.el8.tuxcare.els8.x86_64.rpm
sha:15cc3f50aad7dbc679fc42612285a9cdea63045beef00267a125e856c3433240
-
cups-client-2.2.6-40.el8.tuxcare.els8.x86_64.rpm
sha:68f0d9c5d153ff3b1d750d76b1f13e58113ff34eb7c1d395003835514e7a24e0
-
cups-devel-2.2.6-40.el8.tuxcare.els8.i686.rpm
sha:9ab285011766b97f5dbd6ab21cd62f499471d316a48104552c1d3ca4d27b49e1
-
cups-devel-2.2.6-40.el8.tuxcare.els8.x86_64.rpm
sha:d72a6b235b5016830a61645635418dddcb1c6dfc721159e62bebf70e3d96f067
-
cups-filesystem-2.2.6-40.el8.tuxcare.els8.noarch.rpm
sha:6af3b7c7034fd32fa53469fc795d4aecd92baaf30f41d58bfcf7dcd3a18d18ed
-
cups-ipptool-2.2.6-40.el8.tuxcare.els8.x86_64.rpm
sha:1b85fc58753042956bf8f9d0f01c748d0febbc335a1760e87bdbda0b767b64e4
-
cups-libs-2.2.6-40.el8.tuxcare.els8.i686.rpm
sha:7ba3b8ce0d44b5cbaf9f7b12d72d902d4aae95dc85e2ccf1538733d39250da6f
-
cups-libs-2.2.6-40.el8.tuxcare.els8.x86_64.rpm
sha:ecab0e9ef2e03f2da75143d91e25a48623e19cbf951c0a5be1e39f720e6f80c4
-
cups-lpd-2.2.6-40.el8.tuxcare.els8.x86_64.rpm
sha:95200f3580d394342bfd1856bcd6b0925b537470cc6c10547f08f3ceba63d870
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
