CLSA-2026-1777026478

See a problem?

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777026478.json

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2026-1777026478

Upstream

CVE-2026-34980

Published

2026-04-24T21:53:21Z

Modified

2026-06-04T09:47:33.439914220Z

Summary

Fix CVE(s): CVE-2026-34980

Details

SECURITY UPDATE: control-character injection in scheduler option handling
- debian/patches/CVE-2026-34980.patch: filter control characters from IPP string option values and reject "special" PPD keywords (cupsFilter, cupsFilter2, etc.) reported back by job filters to prevent filter/command injection via crafted job options
- CVE-2026-34980

References

https://errata.tuxcare.com/els_os/ubuntu20.04els/CLSA-2026-1777026478.html

Affected packages

TuxCare:Ubuntu:20.04

cups

Package

Name: cups
Purl: pkg:deb/tuxcare/cups?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.3.1-9ubuntu1.9+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777026478.json"

cups-bsd

Package

Name: cups-bsd
Purl: pkg:deb/tuxcare/cups-bsd?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.3.1-9ubuntu1.9+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777026478.json"

cups-client

Package

Name: cups-client
Purl: pkg:deb/tuxcare/cups-client?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.3.1-9ubuntu1.9+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777026478.json"

cups-common

Package

Name: cups-common
Purl: pkg:deb/tuxcare/cups-common?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.3.1-9ubuntu1.9+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777026478.json"

cups-core-drivers

Package

Name: cups-core-drivers
Purl: pkg:deb/tuxcare/cups-core-drivers?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.3.1-9ubuntu1.9+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777026478.json"

cups-daemon

Package

Name: cups-daemon
Purl: pkg:deb/tuxcare/cups-daemon?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.3.1-9ubuntu1.9+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777026478.json"

cups-ipp-utils

Package

Name: cups-ipp-utils
Purl: pkg:deb/tuxcare/cups-ipp-utils?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.3.1-9ubuntu1.9+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777026478.json"

cups-ppdc

Package

Name: cups-ppdc
Purl: pkg:deb/tuxcare/cups-ppdc?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.3.1-9ubuntu1.9+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777026478.json"

cups-server-common

Package

Name: cups-server-common
Purl: pkg:deb/tuxcare/cups-server-common?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.3.1-9ubuntu1.9+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777026478.json"

libcups2

Package

Name: libcups2
Purl: pkg:deb/tuxcare/libcups2?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.3.1-9ubuntu1.9+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777026478.json"

libcups2-dev

Package

Name: libcups2-dev
Purl: pkg:deb/tuxcare/libcups2-dev?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.3.1-9ubuntu1.9+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777026478.json"

libcupsimage2

Package

Name: libcupsimage2
Purl: pkg:deb/tuxcare/libcupsimage2?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.3.1-9ubuntu1.9+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777026478.json"

libcupsimage2-dev

Package

Name: libcupsimage2-dev
Purl: pkg:deb/tuxcare/libcupsimage2-dev?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.3.1-9ubuntu1.9+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777026478.json"