-
Fri Dec 12 2025 Zdenek Dohnal <zdohnal@redhat.com> - 1:2.3.3op2-34.2
- fix use-after-free reported by OSH
-
Tue Dec 09 2025 Zdenek Dohnal <zdohnal@redhat.com> - 1:2.3.3op2-34.1
- RHEL-129746 CVE-2025-58436 cups: Slow client communication leads to a possible DoS attack
- RHEL-129738 CVE-2025-61915 cups: Local denial-of-service via cupsd.conf update and related issues
-
Thu Sep 11 2025 Zdenek Dohnal <zdohnal@redhat.com> - 1:2.3.3op2-34
- RHEL-112435 CVE-2025-58060 cups: Authentication Bypass in CUPS Authorization Handling
- RHEL-113078 CVE-2025-58364 cups: Null Pointer Dereference in CUPS ipp_read_io() Leading to Remote DoS
-
Wed Jan 08 2025 Zdenek Dohnal <zdohnal@redhat.com> - 1:2.3.3op2-33
- Add NoSystem SSLOptions value
-
Mon Dec 09 2024 Zdenek Dohnal <zdohnal@redhat.com> - 1:2.3.3op2-32
- RHEL-68414 Inability to disable weak ciphers in CUPS configuration
-
Tue Oct 01 2024 Zdenek Dohnal <zdohnal@redhat.com> - 1:2.3.3op2-31
- RHEL-60343 CVE-2024-47175 cups: remote command injection via attacker controlled data in PPD file
-
Thu Aug 15 2024 Zdenek Dohnal <zdohnal@redhat.com> - 1:2.3.3op2-30
- RHEL-6526 cups source rpm doesn't actually build lspp support
- fix memory leaks from LSPP
-
Wed Jun 19 2024 Pavol Zacik <pzacik@redhat.com> - 1:2.3.3op2-29
- Revert the cups-libs license identifier to the "legacy" format
-
Tue Jun 18 2024 Pavol Zacik <pzacik@redhat.com> - 1:2.3.3op2-28
- RHEL-39940 cups: Cupsd Listen arbitrary chmod 0140777
- Delete the domain socket file after stopping the cups.socket service
- Fix cupsd Listener checks
-
Mon Jun 10 2024 Pavol Zacik <pzacik@redhat.com> - 1:2.3.3op2-27
- CVE-2024-35235 cups: Cupsd Listen arbitrary chmod 0140777