a26f0dde72
Security fixes CVE-2023-4504 bsc#1215204 and CVE-2023-32360 bsc#1214254 for CUPS OBS-URL: https://build.opensuse.org/request/show/1112569 OBS-URL: https://build.opensuse.org/package/show/Printing/cups?expand=0&rev=401
19 lines
1.1 KiB
Diff
19 lines
1.1 KiB
Diff
--- conf/cupsd.conf.in.orig 2022-05-26 08:17:21.000000000 +0200
|
|
+++ conf/cupsd.conf.in 2023-09-20 13:39:53.316719260 +0200
|
|
@@ -68,7 +68,14 @@ IdleExitTimeout @EXIT_TIMEOUT@
|
|
Order deny,allow
|
|
</Limit>
|
|
|
|
- <Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>
|
|
+ <Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job>
|
|
+ Require user @OWNER @SYSTEM
|
|
+ Order deny,allow
|
|
+ </Limit>
|
|
+
|
|
+ # Require authentication for CUPS-Get-Document otherwise unauthenticated users could access print job documents:
|
|
+ <Limit CUPS-Get-Document>
|
|
+ AuthType Default
|
|
Require user @OWNER @SYSTEM
|
|
Order deny,allow
|
|
</Limit>
|