| Package | cups-filters |
|---|---|
| Version | 1.11.6-3+deb9u4 (stretch), 1.21.6-5+deb10u3 (buster) |
| Related CVEs | CVE-2025-57812 CVE-2025-64503 CVE-2025-64524 |
Several issues have been found in cups-filters, which provides additional CUPS filters.
-
CVE-2025-64503 out of bounds write vulnerability when processing crafted PDF files containing a large ‘Mediabox’ value
-
CVE-2025-57812 out of bounds read/write vulnerability in the processing of TIFF image files
-
CVE-2025-64524 infinite loop with crafted input raster file, that resuls into a heap buffer overflow
For Debian 10 buster, these problems have been fixed in version 1.21.6-5+deb10u3.
For Debian 9 stretch, these problems have been fixed in version 1.11.6-3+deb9u4.
We recommend that you upgrade your cups-filters packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.