Bug 25874

Summary: cups new security issue CVE-2019-2228
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: Thierry Vignaud <thierry.vignaud>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal    
Version: 7   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Source RPM: cups-2.2.11-2.mga7.src.rpm CVE:
Status comment:
Bug Depends on: 26531    
Bug Blocks: 25317    

Description David Walser 2019-12-14 18:36:46 CET 
CUPS 2.2.13 has been released on December 13, fixing a security issue:
https://github.com/apple/cups/releases/tag/v2.2.13

Mageia 7 is also affected.
David Walser 2019-12-14 18:36:59 CET

Whiteboard: (none) => MGA7TOO

Comment 1 Lewis Smith 2019-12-14 20:34:56 CET 
Assigning to Thierry as both registered and active 'cups' maintainer.

Assignee: bugsquad => thierry.vignaud

Comment 2 David Walser 2019-12-16 17:47:56 CET 
Also fixed in 2.3.1, uploaded to Cauldron by Thierry.

Whiteboard: MGA7TOO => (none)
Version: Cauldron => 7

David Walser 2020-01-14 17:32:56 CET

Blocks: (none) => 25317
Status comment: (none) => Fixed upstream in 2.2.13

David Walser 2020-04-23 21:07:37 CEST

Depends on: (none) => 26531

Comment 3 David Walser 2020-04-28 02:56:37 CEST 
Ubuntu has issued an advisory for this today (April 27):
https://usn.ubuntu.com/4340-1/
David Walser 2020-05-22 19:51:32 CEST

Source RPM: cups-2.2.12-5.mga8.src.rpm => cups-2.2.11-2.mga7.src.rpm

Comment 4 David Walser 2020-05-22 23:46:25 CEST 
Fix assigned to QA in Bug 26531.

Status comment: Fixed upstream in 2.2.13 => (none)

Comment 5 David Walser 2020-06-11 00:30:39 CEST 
Fixed in:
https://advisories.mageia.org/MGASA-2020-0248.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED