ALAS2023-2023-073

An authorization vulnerability was found in the CUPS printing system. This security vulnerability occurs when local authorization happens. This flaw allows an attacker to authenticate to CUPS as root/admin without the 32-byte secret key and perform arbitrary code execution. (CVE-2022-26691)

aarch64:
    cups-ipptool-debuginfo-2.3.3op2-18.amzn2023.0.2.aarch64
    cups-debugsource-2.3.3op2-18.amzn2023.0.2.aarch64
    cups-client-debuginfo-2.3.3op2-18.amzn2023.0.2.aarch64
    cups-lpd-debuginfo-2.3.3op2-18.amzn2023.0.2.aarch64
    cups-printerapp-debuginfo-2.3.3op2-18.amzn2023.0.2.aarch64
    cups-libs-debuginfo-2.3.3op2-18.amzn2023.0.2.aarch64
    cups-devel-2.3.3op2-18.amzn2023.0.2.aarch64
    cups-lpd-2.3.3op2-18.amzn2023.0.2.aarch64
    cups-libs-2.3.3op2-18.amzn2023.0.2.aarch64
    cups-printerapp-2.3.3op2-18.amzn2023.0.2.aarch64
    cups-ipptool-2.3.3op2-18.amzn2023.0.2.aarch64
    cups-client-2.3.3op2-18.amzn2023.0.2.aarch64
    cups-debuginfo-2.3.3op2-18.amzn2023.0.2.aarch64
    cups-2.3.3op2-18.amzn2023.0.2.aarch64

noarch:
    cups-filesystem-2.3.3op2-18.amzn2023.0.2.noarch

src:
    cups-2.3.3op2-18.amzn2023.0.2.src

x86_64:
    cups-lpd-debuginfo-2.3.3op2-18.amzn2023.0.2.x86_64
    cups-debugsource-2.3.3op2-18.amzn2023.0.2.x86_64
    cups-printerapp-debuginfo-2.3.3op2-18.amzn2023.0.2.x86_64
    cups-libs-2.3.3op2-18.amzn2023.0.2.x86_64
    cups-ipptool-debuginfo-2.3.3op2-18.amzn2023.0.2.x86_64
    cups-devel-2.3.3op2-18.amzn2023.0.2.x86_64
    cups-lpd-2.3.3op2-18.amzn2023.0.2.x86_64
    cups-client-debuginfo-2.3.3op2-18.amzn2023.0.2.x86_64
    cups-client-2.3.3op2-18.amzn2023.0.2.x86_64
    cups-ipptool-2.3.3op2-18.amzn2023.0.2.x86_64
    cups-libs-debuginfo-2.3.3op2-18.amzn2023.0.2.x86_64
    cups-printerapp-2.3.3op2-18.amzn2023.0.2.x86_64
    cups-2.3.3op2-18.amzn2023.0.2.x86_64
    cups-debuginfo-2.3.3op2-18.amzn2023.0.2.x86_64