Bug 47354 - cups: Multiple issues (4.3)
cups: Multiple issues (4.3)
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Security updates
UCS 4.3
All Linux
: P5 normal (vote)
: UCS 4.3-1-errata
Assigned To: Arvid Requate
Jürn Brodersen
:
Depends on:
Blocks: 48437
  Show dependency treegraph
 
Reported: 2018-07-16 10:49 CEST by Arvid Requate
Modified: 2019-01-08 12:09 CET (History)
0 users

See Also:
What kind of report is it?: Security Issue
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Arvid Requate univentionstaff 2018-07-16 10:49:53 CEST
New Debian cups 2.2.1-8+deb9u2A~4.3.1.201807161049 fixes:
This update addresses the following issue(s):
* 
CVE_2014-8166 is open
* Insufficient restriction of IPP filters in CUPS in Google Chrome OS prior to 62.0.3202.74 allowed a remote attacker to execute a command with the same privileges as the cups daemon via a crafted PPD file, aka a printer zeroconfig CRLF issue. (CVE-2017-15400)
CVE_2017-18248 is open
CVE_2018-4180 is resolved
CVE_2018-4181 is resolved
CVE_2018-6553 is resolved

2.2.1-8+deb9u2 (Wed, 11 Jul 2018 11:29:27 +0200)
  * CVE-2018-6553: Fix AppArmor cupsd sandbox bypass due to use of hard links
  * Backport upstream fixes for:
    - CVE-2018-4180 Local Privilege Escalation to Root in dnssd Backend (CUPS_SERVERBIN)
    - CVE-2018-4181 Limited Local File Reads as Root via cupsd.conf Include Directive
    - CVE-2018-4182 cups-exec Sandbox Bypass Due to Insecure Error Handling
    - CVE-2018-4183 cups-exec Sandbox Bypass Due to Profile Misconfiguration
    - CVE-2017-15400: Restrict IPP Everywhere filters to only list supported PDLs
      to fix CRLF and Code Injection in Printer Zeroconfig
Comment 1 Arvid Requate univentionstaff 2018-07-16 18:44:25 CEST
Package imported an built.

d60ba66ec8 | Advisory
Comment 3 Arvid Requate univentionstaff 2018-07-17 16:42:17 CEST
piuparts check successful: http://10.200.17.11/4.3-1/#3797211375248925227
Comment 4 Jürn Brodersen univentionstaff 2018-07-17 18:15:31 CEST
[4.3-1 19a1487915] Bug #47354: fix YAML

piuparts -> OK
YAML -> OK
Comment 5 Erik Damrose univentionstaff 2018-07-18 14:12:49 CEST
<http://errata.software-univention.de/ucs/4.3/149.html>