Univention Bugzilla – Full Text Bug Listing |
Summary: | cups: Multiple issues (4.3) | ||
---|---|---|---|
Product: | UCS | Reporter: | Philipp Hahn <hahn> |
Component: | Security updates | Assignee: | Quality Assurance <qa> |
Status: | CLOSED FIXED | QA Contact: | Philipp Hahn <hahn> |
Severity: | normal | ||
Priority: | P3 | ||
Version: | UCS 4.3 | ||
Target Milestone: | UCS 4.3-4-errata | ||
Hardware: | All | ||
OS: | Linux | ||
What kind of report is it?: | Security Issue | What type of bug is this?: | --- |
Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
User Pain: | Enterprise Customer affected?: | ||
School Customer affected?: | ISV affected?: | ||
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | Bug group (optional): | ||
Max CVSS v3 score: | 0.0 () |
Description
Philipp Hahn
2019-09-09 15:44:26 CEST
--- mirror/ftp/4.3/unmaintained/4.3-4/source/cups_2.2.1-8+deb9u3A~4.3.3.201902261122.dsc +++ apt/ucs_4.3-0-errata4.3-4/source/cups_2.2.1-8+deb9u4A~4.3.0.201909091536.dsc @@ -1,13 +1,14 @@ -2.2.1-8+deb9u3A~4.3.3.201902261122 [Tue, 26 Feb 2019 11:41:42 +0100] Univention builddaemon <buildd@univention.de>: +2.2.1-8+deb9u4A~4.3.0.201909091536 [Mon, 09 Sep 2019 15:36:35 +0200] Univention builddaemon <buildd@univention.de>: - * UCS auto build. The following patches have been applied to the original source package - 00-autostart-setting - 01-do-not-set-auth-info-automatically - 02-execute-postponed-univention-lpadmin-cmds-in-init-script - 04_reload_smbd - 11_cups-disable-test - 15_postponed-univention-lpadmin-systemd - 20_no-on-demand-systemd-service + * UCS auto build. No patches were applied to the original source package + +2.2.1-8+deb9u4 [Wed, 21 Aug 2019 09:51:54 +0200] Didier Raboud <odyx@debian.org>: + + * Fix multiple security/disclosure issues (Closes: #934957) + - CVE-2019-8696 and CVE-2019-8675: Fixed SNMP buffer overflows + - Fixed IPP buffer overflow + - Fixed memory disclosure issue in the scheduler + - Fixed DoS issues in the scheduler 2.2.1-8+deb9u3 [Fri, 14 Dec 2018 13:58:47 +0100] Didier Raboud <odyx@debian.org>: <http://10.200.17.11/4.3-4/#8428496792160931795> --- mirror/ftp/4.3/unmaintained/4.3-4/source/cups_2.2.1-8+deb9u3A~4.3.3.201902261122.dsc +++ apt/ucs_4.3-0-errata4.3-4/source/cups_2.2.1-8+deb9u4A~4.3.0.201909091536.dsc @@ -1,13 +1,14 @@ -2.2.1-8+deb9u3A~4.3.3.201902261122 [Tue, 26 Feb 2019 11:41:42 +0100] Univention builddaemon <buildd@univention.de>: +2.2.1-8+deb9u4A~4.3.0.201909091536 [Mon, 09 Sep 2019 15:36:35 +0200] Univention builddaemon <buildd@univention.de>: - * UCS auto build. The following patches have been applied to the original source package - 00-autostart-setting - 01-do-not-set-auth-info-automatically - 02-execute-postponed-univention-lpadmin-cmds-in-init-script - 04_reload_smbd - 11_cups-disable-test - 15_postponed-univention-lpadmin-systemd - 20_no-on-demand-systemd-service + * UCS auto build. No patches were applied to the original source package + +2.2.1-8+deb9u4 [Wed, 21 Aug 2019 09:51:54 +0200] Didier Raboud <odyx@debian.org>: + + * Fix multiple security/disclosure issues (Closes: #934957) + - CVE-2019-8696 and CVE-2019-8675: Fixed SNMP buffer overflows + - Fixed IPP buffer overflow + - Fixed memory disclosure issue in the scheduler + - Fixed DoS issues in the scheduler 2.2.1-8+deb9u3 [Fri, 14 Dec 2018 13:58:47 +0100] Didier Raboud <odyx@debian.org>: <http://10.200.17.11/4.3-4/#8428496792160931795> --- mirror/ftp/4.3/unmaintained/4.3-4/source/cups_2.2.1-8+deb9u3A~4.3.3.201902261122.dsc +++ apt/ucs_4.3-0-errata4.3-4/source/cups_2.2.1-8+deb9u4A~4.3.0.201909100938.dsc @@ -1,4 +1,4 @@ -2.2.1-8+deb9u3A~4.3.3.201902261122 [Tue, 26 Feb 2019 11:41:42 +0100] Univention builddaemon <buildd@univention.de>: +2.2.1-8+deb9u4A~4.3.0.201909100938 [Tue, 10 Sep 2019 09:38:34 +0200] Univention builddaemon <buildd@univention.de>: * UCS auto build. The following patches have been applied to the original source package 00-autostart-setting @@ -9,6 +9,14 @@ 15_postponed-univention-lpadmin-systemd 20_no-on-demand-systemd-service +2.2.1-8+deb9u4 [Wed, 21 Aug 2019 09:51:54 +0200] Didier Raboud <odyx@debian.org>: + + * Fix multiple security/disclosure issues (Closes: #934957) + - CVE-2019-8696 and CVE-2019-8675: Fixed SNMP buffer overflows + - Fixed IPP buffer overflow + - Fixed memory disclosure issue in the scheduler + - Fixed DoS issues in the scheduler + 2.2.1-8+deb9u3 [Fri, 14 Dec 2018 13:58:47 +0100] Didier Raboud <odyx@debian.org>: * Backport upstream fixes for: <http://10.200.17.11/4.3-4/#733253228738746358> OK: yaml OK: announce_errata OK: patch OK: piuparts [4.3-4] 2b2e751cdf Bug #50153: cups 2.2.1-8+deb9u4A~4.3.0.201909100938 doc/errata/staging/cups.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) [4.3-4] e83831386c Bug #50153: cups_2.2.1-8+deb9u4A~4.3.0.201909091536 doc/errata/staging/cups.yaml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) |