Release date:
2026-05-22 07:53:04 UTC
Description:
- CVE-2026-27447: fix authorization bypass in cupsd by replacing case-insensitive
username comparisons with byte-exact strcmp against pw->pw_name; also include
upstream follow-up commit 849fba7d ("Fix unauthenticated print policies",
Issue #1557) to restore behavior for CUPSD_AUTH_NONE policies with named ACLs
Updated packages:
-
cups-2.3.3op2-33.el9_6.1.tuxcare.els6.x86_64.rpm
sha:8af704fb736270140fc0dfb00d1391aa2085b5ecd0801f194065df61a88d068e
-
cups-client-2.3.3op2-33.el9_6.1.tuxcare.els6.x86_64.rpm
sha:9d47c3f204399fcf3122a367b3abbdfda7e52a395f5ced6580fb8f157f0a7a90
-
cups-devel-2.3.3op2-33.el9_6.1.tuxcare.els6.i686.rpm
sha:df2fa530ee6ac4718f1e0cee60fc4842bb13175982968b4095dea3644c5637d5
-
cups-devel-2.3.3op2-33.el9_6.1.tuxcare.els6.x86_64.rpm
sha:1c26014324e2be0db49361543efc626b1c8adeb8308b8bf8181fd4ce045f6a92
-
cups-filesystem-2.3.3op2-33.el9_6.1.tuxcare.els6.noarch.rpm
sha:2595fb01be7a2ece4053a591742048986b61d43de77433107aa70067bbe2a862
-
cups-ipptool-2.3.3op2-33.el9_6.1.tuxcare.els6.x86_64.rpm
sha:4096b7c9d46ce60386eed6da762942d407b2ca8a7b43ad9c3e94ef4afb319a87
-
cups-libs-2.3.3op2-33.el9_6.1.tuxcare.els6.i686.rpm
sha:e88cbcb265c6757953fe6706d4befcb9dceb4a79b5341460959a69c870072a4f
-
cups-libs-2.3.3op2-33.el9_6.1.tuxcare.els6.x86_64.rpm
sha:40d71338bb06d5ce8314e59a9095a84989b886ce015d5def90c075ec8bd52969
-
cups-lpd-2.3.3op2-33.el9_6.1.tuxcare.els6.x86_64.rpm
sha:1f7453dc2d4aee5df89acdd6c0474d2c6798c1637f425d63acbf2ed6ad0b3f6e
-
cups-printerapp-2.3.3op2-33.el9_6.1.tuxcare.els6.x86_64.rpm
sha:33e4821e1d8b5b84ec6b98ea57436e5a99e3d215d092f3cc9140643bc65ee933
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
