Slackware has released updated CUPS packages for versions 15.0 and current to patch several critical security flaws. The update addresses problems ranging from case sensitivity errors in user authentication to buffer overflows in the RSS notifier and weak certificate validation on local interfaces. Administrators can grab the new files directly from official FTP mirrors tailored for both i586 and x86_64 systems. Once you run the upgrade command, simply restart the printing service to ensure all protections take effect immediately.

cups (SSA:2026-107-01)

cups (SSA:2026-107-01)

cups (SSA:2026-107-01)

New cups packages are available for Slackware 15.0 and -current to
fix security issues.

Here are the details from the Slackware 15.0 ChangeLog:
+--------------------------+
patches/packages/cups-2.4.17-i586-1_slack15.0.txz: Upgraded.
This update fixes security issues:
The scheduler treated local user and group names as case-insensitive.
The RSS notifier could write outside the scheduler's RSS directory.
The scheduler did not filter control characters from option values.
The scheduler did not always allocate enough memory for a job's options
string.
The scheduler incorrectly allowed local certificates over the loopback
interface.
Fixed the range check for job password strings.
Fixed a printer subscription bug in the scheduler.
Fixed a SNMP string conversion bug in the backends.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2026-27447
https://www.cve.org/CVERecord?id=CVE-2026-34978
https://www.cve.org/CVERecord?id=CVE-2026-34980
https://www.cve.org/CVERecord?id=CVE-2026-34979
https://www.cve.org/CVERecord?id=CVE-2026-34990
https://www.cve.org/CVERecord?id=CVE-2026-39314
https://www.cve.org/CVERecord?id=CVE-2026-39316
(* Security fix *)
+--------------------------+

Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab
( http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)

Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/cups-2.4.17-i586-1_slack15.0.txz

Updated package for Slackware x86_64 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/cups-2.4.17-x86_64-1_slack15.0.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/ap/cups-2.4.17-i686-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/ap/cups-2.4.17-x86_64-1.txz

MD5 signatures:
+-------------+

Slackware 15.0 package:
15ee7bfb8e0ca621d29bcf59c552f447 cups-2.4.17-i586-1_slack15.0.txz

Slackware x86_64 15.0 package:
ef69faf669400eabc802d9440e32a80c cups-2.4.17-x86_64-1_slack15.0.txz

Slackware -current package:
4589040f31a586a6bf655a3f40a7e779 ap/cups-2.4.17-i686-1.txz

Slackware x86_64 -current package:
44399b8feb3899536794d5d2b79fc710 ap/cups-2.4.17-x86_64-1.txz

Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg cups-2.4.17-i586-1_slack15.0.txz

Then, restart the cups server:
# sh /etc/rc.d/rc.cups restart

+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key