Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 906944 (CVE-2023-24805, GHSA-gpxc-v2m8-fr3x)

Summary: <net-print/cups-filters-1.28.17-r2: RCE via beh filter
Product: Gentoo Security Reporter: Hanno Böck <hanno>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: major CC: printing
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-gpxc-v2m8-fr3x
Whiteboard: B1 [glsa+]
Package list:
Runtime testing required: ---
Bug Depends on: 907063    
Bug Blocks:    

Description Hanno Böck gentoo-dev 2023-05-22 13:17:34 UTC
From upstream: "If you use beh to create an accessible network printer, this security vulnerability can cause remote code execution."

Advisory:
https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-gpxc-v2m8-fr3x

No updated release yet, but a commit in the repo:
https://github.com/OpenPrinting/cups-filters/commit/8f274035756c04efeb77eb654e9d4c4447287d65
Comment 1 tt_1 2023-05-22 15:10:02 UTC
You can pull backported patch from debian, if you want to.
Comment 2 Larry the Git Cow gentoo-dev 2023-05-24 08:05:54 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2c29811eb73520dcfab06a38a184c8f4bf358793

commit 2c29811eb73520dcfab06a38a184c8f4bf358793
Author:     Matthias Maier <tamiko@gentoo.org>
AuthorDate: 2023-05-24 08:01:57 +0000
Commit:     Matthias Maier <tamiko@gentoo.org>
CommitDate: 2023-05-24 08:04:46 +0000

    net-print/cups-filters: drop 1.28.15-r1, 1.28.16-r3, 1.28.17-r1
    
    Bug: https://bugs.gentoo.org/906944
    Signed-off-by: Matthias Maier <tamiko@gentoo.org>

 net-print/cups-filters/Manifest                    |   2 -
 .../cups-filters/cups-filters-1.28.15-r1.ebuild    | 130 ------------------
 .../cups-filters/cups-filters-1.28.16-r3.ebuild    | 144 --------------------
 .../cups-filters/cups-filters-1.28.17-r1.ebuild    | 149 ---------------------
 4 files changed, 425 deletions(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d8827cf3d0bb159273e683698824d4572882af9e

commit d8827cf3d0bb159273e683698824d4572882af9e
Author:     Matthias Maier <tamiko@gentoo.org>
AuthorDate: 2023-05-24 08:00:01 +0000
Commit:     Matthias Maier <tamiko@gentoo.org>
CommitDate: 2023-05-24 08:04:46 +0000

    net-print/cups-filters: apply patch for CVE-2023-24805
    
    Bug: https://bugs.gentoo.org/906944
    Signed-off-by: Matthias Maier <tamiko@gentoo.org>

 .../cups-filters/cups-filters-1.28.17-r2.ebuild    | 150 ++++++++++++++
 .../cups-filters-1.28.17-CVE-2023-24805.patch      | 225 +++++++++++++++++++++
 2 files changed, 375 insertions(+)
Comment 3 Hans de Graaff gentoo-dev Security 2023-12-01 14:47:04 UTC
Ping. Can vulnerable version 1.28.17 be removed?
Comment 4 Larry the Git Cow gentoo-dev 2023-12-22 01:27:33 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=776d18384108722f0d7f23ff86807acd7150ec79

commit 776d18384108722f0d7f23ff86807acd7150ec79
Author:     John Helmert III <ajak@gentoo.org>
AuthorDate: 2023-12-22 01:22:51 +0000
Commit:     John Helmert III <ajak@gentoo.org>
CommitDate: 2023-12-22 01:27:22 +0000

    net-print/cups-filters: drop 1.28.17
    
    Bug: https://bugs.gentoo.org/906944
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 net-print/cups-filters/cups-filters-1.28.17.ebuild | 147 ---------------------
 1 file changed, 147 deletions(-)
Comment 5 Larry the Git Cow gentoo-dev 2024-01-05 14:27:22 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=13307cb5778acc25f47ab91c29f839443f3a4cf8

commit 13307cb5778acc25f47ab91c29f839443f3a4cf8
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2024-01-05 14:26:44 +0000
Commit:     Hans de Graaff <graaff@gentoo.org>
CommitDate: 2024-01-05 14:27:10 +0000

    [ GLSA 202401-06 ] CUPS filters: Remote Code Execution
    
    Bug: https://bugs.gentoo.org/906944
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: Hans de Graaff <graaff@gentoo.org>

 glsa-202401-06.xml | 43 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 43 insertions(+)