|Version||1.7.5-11+deb8u10 (jessie), 2.2.1-8+deb9u9 (stretch)|
An issue has been found in cups, the Common UNIX Printing System. Due to a buffer overflow vulnerability in the function format_log_line() a remote attackers could cause a denial-of-service(DoS). The vulnerability can be triggered when the configuration file cupsd.conf sets the value of “loglevel” to “DEBUG”.
For Debian 8 jessie, these problems have been fixed in version 1.7.5-11+deb8u10.
For Debian 9 stretch, these problems have been fixed in version 2.2.1-8+deb9u9.
We recommend that you upgrade your cups packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.