Bug 25874 - cups new security issue CVE-2019-2228
Summary: cups new security issue CVE-2019-2228
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 7
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: Thierry Vignaud
QA Contact: Sec team
URL:
Whiteboard:
Keywords:
Depends on: 26531
Blocks: 25317
  Show dependency treegraph
 
Reported: 2019-12-14 18:36 CET by David Walser
Modified: 2020-06-11 00:30 CEST (History)
0 users

See Also:
Source RPM: cups-2.2.11-2.mga7.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2019-12-14 18:36:46 CET 
CUPS 2.2.13 has been released on December 13, fixing a security issue:
https://github.com/apple/cups/releases/tag/v2.2.13

Mageia 7 is also affected.
David Walser 2019-12-14 18:36:59 CET

Whiteboard: (none) => MGA7TOO

Comment 1 Lewis Smith 2019-12-14 20:34:56 CET 
Assigning to Thierry as both registered and active 'cups' maintainer.

Assignee: bugsquad => thierry.vignaud

Comment 2 David Walser 2019-12-16 17:47:56 CET 
Also fixed in 2.3.1, uploaded to Cauldron by Thierry.

Whiteboard: MGA7TOO => (none)
Version: Cauldron => 7

David Walser 2020-01-14 17:32:56 CET

Blocks: (none) => 25317
Status comment: (none) => Fixed upstream in 2.2.13

David Walser 2020-04-23 21:07:37 CEST

Depends on: (none) => 26531

Comment 3 David Walser 2020-04-28 02:56:37 CEST 
Ubuntu has issued an advisory for this today (April 27):
https://usn.ubuntu.com/4340-1/
David Walser 2020-05-22 19:51:32 CEST

Source RPM: cups-2.2.12-5.mga8.src.rpm => cups-2.2.11-2.mga7.src.rpm

Comment 4 David Walser 2020-05-22 23:46:25 CEST 
Fix assigned to QA in Bug 26531.

Status comment: Fixed upstream in 2.2.13 => (none)

Comment 5 David Walser 2020-06-11 00:30:39 CEST 
Fixed in:
https://advisories.mageia.org/MGASA-2020-0248.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED
Note You need to log in before you can comment on or make changes to this bug.