Univention Bugzilla – Bug 46625
cups: Multiple issues (4.3)
Last modified: 2018-05-16 17:04:04 CEST
New Debian cups 2.2.1-8+deb9u1A~4.3.0.201803130703 fixes:

This update addresses the following issue:

* CVE-2017-18190: Prevent an issue where remote attackers could execute arbitrary IPP commands by sending POST requests to the CUPS daemon in conjunction with DNS rebinding. This was caused by a whitelisted "localhost.localdomain" entry.

A localhost.localdomain whitelist entry in valid_host() in scheduler/client.c in CUPS before 2.2.2 allows remote attackers to execute arbitrary IPP commands by sending POST requests to the CUPS daemon in conjunction with DNS rebinding. The localhost.localdomain name is often resolved via a DNS server (neither the OS nor the web browser is responsible for ensuring that localhost.localdomain is 127.0.0.1).
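The mechanism described above is a Host-header whitelist that accepts a name the operating system does not guarantee to resolve to loopback. The following is an added illustration written for this page, not CUPS code: it is a reduced model of such a check (the real valid_host() in scheduler/client.c also accepts the server's own names and addresses, which the toy only approximates with a `server_names` argument), with the "localhost.localdomain" entry present in the pre-fix variant and absent in the fixed one, plus a helper that reads an /etc/hosts file and reports which whitelisted names are not pinned to loopback and are therefore DNS-rebinding candidates. The two hosts files embedded in the block are constructed samples in Debian and RHEL style, not copies of any real system.

```python
import ipaddress

# Added example, not CUPS code: a reduced model of the Host-header whitelist
# that CVE-2017-18190 concerns, plus a check of which whitelisted names a
# host actually pins to a loopback address in /etc/hosts.

# Static names accepted by the toy valid_host(). The real valid_host() in
# scheduler/client.c also accepts the server's own names and addresses.
STATIC_NAMES_BEFORE = ("localhost", "localhost.localdomain")  # pre-2.2.2 behaviour
STATIC_NAMES_AFTER = ("localhost",)                           # entry no longer accepted


def split_host_header(value):
    """Split a Host header into (host, port); port is None when absent.

    Handles "name", "name:631", "[::1]" and "[::1]:631" and returns
    (None, None) for syntactically broken values.
    """
    value = value.strip().lower()
    if value.startswith("["):
        end = value.find("]")
        if end == -1:
            return None, None
        host, rest = value[1:end], value[end + 1:]
        if rest == "":
            return host, None
        if rest.startswith(":") and rest[1:].isdigit():
            return host, int(rest[1:])
        return None, None
    host, sep, port = value.rpartition(":")
    if sep and port.isdigit():
        return host, int(port)
    return value, None


def valid_host(host_header, static_names, server_names=()):
    """Toy Host check: loopback address, a static name, or one of the server's own names."""
    host, _port = split_host_header(host_header)
    if not host:
        return False
    try:
        if ipaddress.ip_address(host).is_loopback:
            return True
    except ValueError:
        pass  # not an IP literal, fall through to the name checks
    return host in static_names or host in (n.lower() for n in server_names)


def pinned_loopback_names(hosts_text):
    """Names an /etc/hosts file maps to a loopback address.

    Such names are answered locally and never reach a DNS resolver, so they
    cannot be rebound by an attacker who controls DNS answers.
    """
    pinned = set()
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue
        if addr.is_loopback:
            pinned.update(name.lower() for name in fields[1:])
    return pinned


def rebindable_whitelist_entries(static_names, hosts_text):
    """Whitelisted names the OS does not pin to loopback: DNS-rebinding candidates."""
    pinned = pinned_loopback_names(hosts_text)
    return sorted(name for name in static_names if name.lower() not in pinned)


# Constructed sample hosts files, not taken from any real system.
DEBIAN_STYLE_HOSTS = """\
127.0.0.1\tlocalhost
127.0.1.1\tprint-server.example.internal\tprint-server
::1\tlocalhost ip6-localhost ip6-loopback
"""
RHEL_STYLE_HOSTS = """\
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
"""

if __name__ == "__main__":
    # A rebound request arrives with the whitelisted name in its Host header.
    rebound = "localhost.localdomain:631"
    print("accepted before fix:", valid_host(rebound, STATIC_NAMES_BEFORE))  # True
    print("accepted after fix: ", valid_host(rebound, STATIC_NAMES_AFTER))   # False
    print("rebindable with Debian-style hosts:",
          rebindable_whitelist_entries(STATIC_NAMES_BEFORE, DEBIAN_STYLE_HOSTS))
    print("rebindable with RHEL-style hosts:  ",
          rebindable_whitelist_entries(STATIC_NAMES_BEFORE, RHEL_STYLE_HOSTS))
```

The point the two hosts files make is the one the advisory text states: on a system whose /etc/hosts pins localhost.localdomain to 127.0.0.1 the whitelist entry is harmless, while on a system that leaves the name to DNS the same entry lets a rebound request pass the check. Removing the name from the whitelist, as the fix does, makes the check independent of how the host happens to be configured.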
[4.3-0] bdc053edc4 Bug #46625: cups_2.2.1-8+deb9u1A~4.3.0.201803130703
--- mirror/ftp/4.3/unmaintained/4.3-0/source/cups_2.2.1-8A~4.3.0.201803121724.dsc +++ apt/ucs_4.3-0-errata4.3-0/source/cups_2.2.1-8+deb9u1A~4.3.0.201803131634.dsc @@ -1,4 +1,4 @@ -2.2.1-8A~4.3.0.201803121724 [Mon, 12 Mar 2018 17:24:41 +0100] Univention builddaemon <buildd@univention.de>: +2.2.1-8+deb9u1A~4.3.0.201803131634 [Tue, 13 Mar 2018 16:34:20 +0100] Univention builddaemon <buildd@univention.de>: * UCS auto build. The following patches have been applied to the original source package 00-autostart-setting @@ -9,6 +9,13 @@ 15_postponed-univention-lpadmin-systemd 20_no-on-demand-systemd-service +2.2.1-8+deb9u1 [Thu, 22 Feb 2018 17:51:44 +0100] Didier Raboud <odyx@debian.org>: + + * CVE-2017-18190: Prevent an issue where remote attackers could execute + arbitrary IPP commands by sending POST requests to the CUPS daemon in + conjunction with DNS rebinding. This was caused by a whitelisted + "localhost.localdomain" entry. + 2.2.1-8 [Tue, 31 Jan 2017 08:00:49 +0100] Didier Raboud <odyx@debian.org>: [ JP Guillonneau ]
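Review bot: the new .dsc compared here is cups_2.2.1-8+deb9u1A~4.3.0.201803131634.dsc, with a changelog stamp of Tue, 13 Mar 2018 16:34:20 +0100, while the bug title and the commit line above name build 201803130703; state which of the two builds went to errata, or redo the comparison against the build that was published, so the advisory and this QA record point at the same package. Separately, the added 2.2.1-8+deb9u1 changelog entry names the cause (the whitelisted "localhost.localdomain" entry) but not what was changed; one line saying how that entry in valid_host() in scheduler/client.c was dealt with would let a reader verify the backport without opening the patch. The hunk header @@ -9,6 +9,13 @@ is consistent with the seven added lines of the entry.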
* All UCS specific patches merged and applied during rebuild
* Comparison to previously shipped version ok
* Binary package update ok
* Advisory ok
<http://errata.software-univention.de/ucs/4.3/46.html>