CUPS 2.4.2 has been released today (May 26), fixing a security issue: https://openprinting.github.io/cups-2.4.2/ Mageia 8 is also affected.
Status comment: (none) => Fixed upstream in 2.4.2Whiteboard: (none) => MGA8TOO
openSUSE has issued an advisory for this today (May 26): https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/7NQSHXNFEE2OGIYVYN23S2BDDQTAGLSJ/
Another one for you, Thierry.
Assignee: bugsquad => thierry.vignaud
Debian has issued an advisory for this on May 26: https://www.debian.org/security/2022/dsa-5149
Ubuntu has issued an advisory for this on May 31: https://ubuntu.com/security/notices/USN-5454-1
Fedora has issued an advisory for this on June 4: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/KQ6TD7F3VRITPEHFDHZHK7MU6FEBMZ5U/
Whiteboard: MGA8TOO => (none)Version: Cauldron => 8
RedHat has issued an advisory for this today (June 13): https://access.redhat.com/errata/RHSA-2022:4990
Fedora has issued an advisory for this today (June 16): https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/YQRIT4H75XV6M42K7ZTARWZ7YLLYQHPO/ They patched the same version we have in Mageia 8.
Suggested advisory: ======================== The updated packages fix a security vulnerability: Authentication bypass and code execution vulnerability. (CVE-2022-26691) References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26691 https://openprinting.github.io/cups-2.4.2/ https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/7NQSHXNFEE2OGIYVYN23S2BDDQTAGLSJ/ https://www.debian.org/security/2022/dsa-5149 https://ubuntu.com/security/notices/USN-5454-1 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/KQ6TD7F3VRITPEHFDHZHK7MU6FEBMZ5U/ https://access.redhat.com/errata/RHSA-2022:4990 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/YQRIT4H75XV6M42K7ZTARWZ7YLLYQHPO/ ======================== Updated packages in core/updates_testing: ======================== cups-2.3.3op2-1.1.mga8 cups-common-2.3.3op2-1.1.mga8 cups-filesystem-2.3.3op2-1.1.mga8 cups-printerapp-2.3.3op2-1.1.mga8 lib(64)cups2-2.3.3op2-1.1.mga8 lib(64)cups2-devel-2.3.3op2-1.1.mga8 from SRPM: cups-2.3.3op2-1.1.mga8.src.rpm
Status comment: Fixed upstream in 2.4.2 => (none)CC: (none) => nicolas.salgueroCVE: (none) => CVE-2022-26691Assignee: thierry.vignaud => qa-bugsSource RPM: cups-2.4.1-5.mga9.src.rpm => cups-2.3.3op2-1.mga8.src.rpmStatus: NEW => ASSIGNED
MGA8-64 MATE on Acer Aspire 5253 No instaallation issues. I have an HP Envy 6022 allinone as network device. Removed the device in cups (localhost:631), buy I'm not familiar enough with this (do not understand all the options) to add the device again, so reverted to MCC-Hardware, and there could add the device OK. Checked also the scanner function and that works well with simple-scan. I cann't test locally connection.
CC: (none) => herman.viaene
MGA8-64 Plasma. No installation issues. I tested using an HP Color Laserjet CP1215, connected locally via usb. I printed two test pages from the HP Device Manager, one in color, the other in monochrome. Loaded a color photo into Gwenview, and printed it. Used system-config-printer from MCC to print yet another test page, and then printed a test page using the generic Boomaga printer. No issues noted. Giving this an OK, based on my test and Herman's, and validating. Advisory in Comment 8.
CC: (none) => andrewsfarm, sysadmin-bugsKeywords: (none) => validated_updateWhiteboard: (none) => MGA8-64-OK
Keywords: (none) => advisoryCC: (none) => davidwhodgins
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2022-0392.html
Resolution: (none) => FIXEDStatus: ASSIGNED => RESOLVED