Updated cups packages fix security vulnerabilities
Publication date: 03 Dec 2025Modification date: 03 Dec 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-58436 , CVE-2025-61915
Description
The updated packages fix security vulnerabilities and a regression with
GTK+ apps caused by the fix for CVE-2025-58436:
OpenPrinting CUPS slow client can halt cupsd, leading to a possible DoS
attack. (CVE-2025-58436)
OpenPrinting CUPS vulnerable to stack based out-of-bound write.
(CVE-2025-61915)
References
- https://bugs.mageia.org/show_bug.cgi?id=34786
- https://www.openwall.com/lists/oss-security/2025/11/27/4
- https://www.openwall.com/lists/oss-security/2025/11/27/5
- https://github.com/OpenPrinting/cups/issues/1429
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58436
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61915
SRPMS
9/core
- cups-2.4.6-1.5.mga9