ALAS-2024-718


Amazon Linux 2023 Security Advisory: ALAS-2024-718
Advisory Release Date: 2024-09-27 00:29 Pacific
Advisory Updated Date: 2024-10-02 15:30 Pacific
Severity: Important

Issue Overview:

A flaw in cups-filters allows a remote unauthenticated client to create a PPD configuration file with code injection. If a job is sent to the compromised printer, the code is executed allowing for remote code execution. (CVE-2024-47175)


Affected Packages:

cups-filters


Issue Correction:
Run dnf update cups-filters --releasever 2023.5.20241001 to update your system.

New Packages:
aarch64:
    cups-filters-libs-debuginfo-1.28.16-3.amzn2023.0.2.aarch64
    cups-filters-devel-1.28.16-3.amzn2023.0.2.aarch64
    cups-filters-libs-1.28.16-3.amzn2023.0.2.aarch64
    cups-filters-debuginfo-1.28.16-3.amzn2023.0.2.aarch64
    cups-filters-debugsource-1.28.16-3.amzn2023.0.2.aarch64
    cups-filters-1.28.16-3.amzn2023.0.2.aarch64

src:
    cups-filters-1.28.16-3.amzn2023.0.2.src

x86_64:
    cups-filters-libs-debuginfo-1.28.16-3.amzn2023.0.2.x86_64
    cups-filters-libs-1.28.16-3.amzn2023.0.2.x86_64
    cups-filters-devel-1.28.16-3.amzn2023.0.2.x86_64
    cups-filters-debuginfo-1.28.16-3.amzn2023.0.2.x86_64
    cups-filters-debugsource-1.28.16-3.amzn2023.0.2.x86_64
    cups-filters-1.28.16-3.amzn2023.0.2.x86_64