CLSA-2026-1778253061

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1778253061.json
JSON Data
https://api.test.osv.dev/v1/vulns/CLSA-2026-1778253061
Upstream
Published
2026-05-08T15:13:47Z
Modified
2026-06-04T09:45:21.725862934Z
Summary
Fix CVE(s): CVE-2026-27447
Details
  • SECURITY UPDATE: fix authorization bypass in cupsd caused by case-insensitive comparison of local user and group names.
    • debian/patches/CVE-2026-27447.patch: compare usernames against the canonical pwname from getpwnam() with strcmp() in cupsdCheckGroup() and cupsdIsAuthorized() in scheduler/auth.c; include the upstream follow-up "Fix unauthenticated print policies" (Issue #1557) so CUPSDAUTH_NONE policies still match users that do not have a local account.
    • CVE-2026-27447.
References

Affected packages

TuxCare:Debian:10
cups

Package

Name
cups
Purl
pkg:deb/tuxcare/cups?distro=debian-10

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.10-6+deb10u10+tuxcare.els3

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1778253061.json"
cups-bsd

Package

Name
cups-bsd
Purl
pkg:deb/tuxcare/cups-bsd?distro=debian-10

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.10-6+deb10u10+tuxcare.els3

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1778253061.json"
cups-client

Package

Name
cups-client
Purl
pkg:deb/tuxcare/cups-client?distro=debian-10

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.10-6+deb10u10+tuxcare.els3

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1778253061.json"
cups-common

Package

Name
cups-common
Purl
pkg:deb/tuxcare/cups-common?distro=debian-10

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.10-6+deb10u10+tuxcare.els3

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1778253061.json"
cups-core-drivers

Package

Name
cups-core-drivers
Purl
pkg:deb/tuxcare/cups-core-drivers?distro=debian-10

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.10-6+deb10u10+tuxcare.els3

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1778253061.json"
cups-daemon

Package

Name
cups-daemon
Purl
pkg:deb/tuxcare/cups-daemon?distro=debian-10

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.10-6+deb10u10+tuxcare.els3

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1778253061.json"
cups-ipp-utils

Package

Name
cups-ipp-utils
Purl
pkg:deb/tuxcare/cups-ipp-utils?distro=debian-10

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.10-6+deb10u10+tuxcare.els3

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1778253061.json"
cups-ppdc

Package

Name
cups-ppdc
Purl
pkg:deb/tuxcare/cups-ppdc?distro=debian-10

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.10-6+deb10u10+tuxcare.els3

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1778253061.json"
cups-server-common

Package

Name
cups-server-common
Purl
pkg:deb/tuxcare/cups-server-common?distro=debian-10

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.10-6+deb10u10+tuxcare.els3

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1778253061.json"
libcups2

Package

Name
libcups2
Purl
pkg:deb/tuxcare/libcups2?distro=debian-10

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.10-6+deb10u10+tuxcare.els3

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1778253061.json"
libcups2-dev

Package

Name
libcups2-dev
Purl
pkg:deb/tuxcare/libcups2-dev?distro=debian-10

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.10-6+deb10u10+tuxcare.els3

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1778253061.json"
libcupsimage2

Package

Name
libcupsimage2
Purl
pkg:deb/tuxcare/libcupsimage2?distro=debian-10

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.10-6+deb10u10+tuxcare.els3

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1778253061.json"
libcupsimage2-dev

Package

Name
libcupsimage2-dev
Purl
pkg:deb/tuxcare/libcupsimage2-dev?distro=debian-10

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.10-6+deb10u10+tuxcare.els3

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1778253061.json"