CUPS 2.4.13 is out today as the newest update to this widely-used, open-source print server. Driving this new point release is for addressing an important security vulnerability as well as a second less notable security issue.
CUPS 2.4.13 is out to bring a fix for CVE-2025-58060, which is described in the release announcement as an “important” security issue. Details on CVE-2025-58060 are not yet public. There is also a fix for CVE-2025-58364 as a “moderate” security vulnerability. Details on CVE-2025-58364 are also not yet public.
These security issues are pressing enough to warrant CUPS 2.4.13. Earlier this year when CUPS 2.4.12 was released,
In addition to those two security fixes, CUPS 2.4.13 also brings several general bug fixes plus a new “print-as-raster” attribute for printer and job objects. CUPS’ print-as-raster attribute will enforce rasterization of the file for IPP Everywhere / AirPrint printers. This can workaround internal PDF issues for some printer firmware.
Downloads and more details on the CUPS 2.4.13 release via GitHub.
CUPS 2.5 is the next big feature release in development for this Linux print server while CUPS 3.0 aims to be a big overhaul.
