ALAS2023-2023-235

A vulnerability was found in CUPS. This issue occurs due to logging data of free memory to the logging service AFTER the connection has been closed, when it should have logged the data immediately before the connection closed, resulting in a use-after-free in cupsdAcceptClient() in scheduler/client.c (CVE-2023-34241)

aarch64:
    cups-lpd-debuginfo-2.3.3op2-18.amzn2023.0.5.aarch64
    cups-printerapp-2.3.3op2-18.amzn2023.0.5.aarch64
    cups-printerapp-debuginfo-2.3.3op2-18.amzn2023.0.5.aarch64
    cups-client-debuginfo-2.3.3op2-18.amzn2023.0.5.aarch64
    cups-devel-2.3.3op2-18.amzn2023.0.5.aarch64
    cups-lpd-2.3.3op2-18.amzn2023.0.5.aarch64
    cups-debugsource-2.3.3op2-18.amzn2023.0.5.aarch64
    cups-libs-debuginfo-2.3.3op2-18.amzn2023.0.5.aarch64
    cups-ipptool-2.3.3op2-18.amzn2023.0.5.aarch64
    cups-ipptool-debuginfo-2.3.3op2-18.amzn2023.0.5.aarch64
    cups-libs-2.3.3op2-18.amzn2023.0.5.aarch64
    cups-client-2.3.3op2-18.amzn2023.0.5.aarch64
    cups-2.3.3op2-18.amzn2023.0.5.aarch64
    cups-debuginfo-2.3.3op2-18.amzn2023.0.5.aarch64

noarch:
    cups-filesystem-2.3.3op2-18.amzn2023.0.5.noarch

src:
    cups-2.3.3op2-18.amzn2023.0.5.src

x86_64:
    cups-client-debuginfo-2.3.3op2-18.amzn2023.0.5.x86_64
    cups-printerapp-debuginfo-2.3.3op2-18.amzn2023.0.5.x86_64
    cups-libs-2.3.3op2-18.amzn2023.0.5.x86_64
    cups-lpd-debuginfo-2.3.3op2-18.amzn2023.0.5.x86_64
    cups-libs-debuginfo-2.3.3op2-18.amzn2023.0.5.x86_64
    cups-client-2.3.3op2-18.amzn2023.0.5.x86_64
    cups-devel-2.3.3op2-18.amzn2023.0.5.x86_64
    cups-lpd-2.3.3op2-18.amzn2023.0.5.x86_64
    cups-ipptool-debuginfo-2.3.3op2-18.amzn2023.0.5.x86_64
    cups-debuginfo-2.3.3op2-18.amzn2023.0.5.x86_64
    cups-debugsource-2.3.3op2-18.amzn2023.0.5.x86_64
    cups-printerapp-2.3.3op2-18.amzn2023.0.5.x86_64
    cups-ipptool-2.3.3op2-18.amzn2023.0.5.x86_64
    cups-2.3.3op2-18.amzn2023.0.5.x86_64