Home / mailings [SECURITY] [DSA 5998-1] cups security update
Posted on 11 September 2025
Debian Security Advisory- -------------------------------------------------------------------------
Debian Security Advisory DSA-5998-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
September 11, 2025 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : cups
CVE ID : CVE-2025-58060 CVE-2025-58364
Two vulnerabilities were discovered in cups, the Common UNIX Printing
System, which may result in authentication bypass with AuthType
Negotiate or in denial of service (daemon crash).
For the oldstable distribution (bookworm), these problems have been fixed
in version 2.4.2-3+deb12u9.
For the stable distribution (trixie), these problems have been fixed in
version 2.4.10-3+deb13u1.
We recommend that you upgrade your cups packages.
For the detailed security status of cups please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/cups
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
