Fabre

#1011769 cups: CVE-2022-26691: authorization bypass when using "local" authorization #1011769

Package:: src:cups

Source:: cups

Submitter:: Salvatore Bonaccorso

Date:: 2022-05-27 00:33:03 UTC

Severity:: grave

Tags:

#1011769#5

Date:: 2022-05-26 13:36:38 UTC

From:

To:

Source: cups
Version: 2.4.1op1-2
Severity: grave
Tags: security upstream
X-Debbugs-Cc: carnil@debian.org, Debian Security Team <team@security.debian.org>
Control: found -1 2.3.3op2-3+deb11u1
Control: found -1 2.3.3op2-3
Control: found -1 2.2.10-6+deb10u5
Control: found -1 2.2.10-6
Control: fixed -1 2.3.3op2-3+deb11u2
Control: fixed -1 2.2.10-6+deb10u6

Hi,

The following vulnerability was published for cups.

Thorsten, just filling for tracking in BTS.

CVE-2022-26691[0]:
| authorization bypass when using "local" authorization

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2022-26691
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26691

Regards,
Salvatore

#1011769#22

Date:: 2022-05-26 23:32:06 UTC

From:

To:

Manually closing this bug as the fix for this CVE was done in version
2.4.2-1.

   Thorsten

#1011769 cups: CVE-2022-26691: authorization bypass when using "local" authorization #1011769

Just Reply to ...

Reply to submitter ...

Send control command (Silently)

Set Architecture Tags (Silently)