cups (2.4.2-6) unstable; urgency=low This release addresses a security issue (CVE-2023-32360) which allows unauthorized users to fetch documents over local or remote networks. Since this is a configuration fix, it might be that it does not reach you if you are updating 'cups-daemon' (rather than doing a fresh installation). Please double check your /etc/cups/cupsd.conf file, whether it limits the access to CUPS-Get-Document with something like the following > <Limit CUPS-Get-Document> > AuthType Default > Require user @OWNER @SYSTEM > Order deny,allow > </Limit> (The important line is the 'AuthType Default' in this section) -- Thorsten Alteholz <debian@alteholz.de> Tue, 19 Sep 2023 21:20:27 +0200
Generated by dwww version 1.16 on Sun Jul 12 13:26:35 CEST 2026.