[ubuntu/cosmic-proposed] cups 2.2.7-1ubuntu3 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Thu Jul 12 13:04:14 UTC 2018
cups (2.2.7-1ubuntu3) cosmic; urgency=medium
* SECURITY UPDATE: privilege escalation in dnssd backend
- debian/patches/CVE-2018-418x.patch: don't allow PassEnv and SetEnv to
override standard variables in man/cups-files.conf.man.in,
man/cupsd.conf.man.in, scheduler/conf.c, test/run-stp-tests.sh.
- CVE-2018-4180
* SECURITY UPDATE: local file read via Include directive
- debian/patches/CVE-2018-418x.patch: remove Include directive handling
in scheduler/conf.c.
- CVE-2018-4181
* SECURITY UPDATE: AppArmor sandbox bypass
- debian/local/apparmor-profile: also confine
/usr/lib/cups/backend/mdns.
- CVE-2018-6553
Date: Fri, 22 Jun 2018 13:02:42 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/cups/2.2.7-1ubuntu3
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 22 Jun 2018 13:02:42 -0400
Source: cups
Binary: libcups2 libcupsimage2 libcupscgi1 libcupsmime1 libcupsppdc1 cups cups-core-drivers cups-daemon cups-client cups-ipp-utils libcups2-dev libcupsimage2-dev cups-bsd cups-common cups-server-common cups-ppdc
Architecture: source
Version: 2.2.7-1ubuntu3
Distribution: cosmic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
cups - Common UNIX Printing System(tm) - PPD/driver support, web interfa
cups-bsd - Common UNIX Printing System(tm) - BSD commands
cups-client - Common UNIX Printing System(tm) - client programs (SysV)
cups-common - Common UNIX Printing System(tm) - common files
cups-core-drivers - Common UNIX Printing System(tm) - driverless printing
cups-daemon - Common UNIX Printing System(tm) - daemon
cups-ipp-utils - Common UNIX Printing System(tm) - IPP developer/admin utilities
cups-ppdc - Common UNIX Printing System(tm) - PPD manipulation utilities
cups-server-common - Common UNIX Printing System(tm) - server common files
libcups2 - Common UNIX Printing System(tm) - Core library
libcups2-dev - Common UNIX Printing System(tm) - Development files CUPS library
libcupscgi1 - Common UNIX Printing System(tm) - CGI library
libcupsimage2 - Common UNIX Printing System(tm) - Raster image library
libcupsimage2-dev - Common UNIX Printing System(tm) - Development files CUPS image li
libcupsmime1 - Common UNIX Printing System(tm) - MIME library
libcupsppdc1 - Common UNIX Printing System(tm) - PPD manipulation library
Changes:
cups (2.2.7-1ubuntu3) cosmic; urgency=medium
.
* SECURITY UPDATE: privilege escalation in dnssd backend
- debian/patches/CVE-2018-418x.patch: don't allow PassEnv and SetEnv to
override standard variables in man/cups-files.conf.man.in,
man/cupsd.conf.man.in, scheduler/conf.c, test/run-stp-tests.sh.
- CVE-2018-4180
* SECURITY UPDATE: local file read via Include directive
- debian/patches/CVE-2018-418x.patch: remove Include directive handling
in scheduler/conf.c.
- CVE-2018-4181
* SECURITY UPDATE: AppArmor sandbox bypass
- debian/local/apparmor-profile: also confine
/usr/lib/cups/backend/mdns.
- CVE-2018-6553
Checksums-Sha1:
b3baa0c7ec8e57a7ee957ce8fcd3216e1257d179 3639 cups_2.2.7-1ubuntu3.dsc
6efd040790e0841bd1977409ac570d074f841a4b 358352 cups_2.2.7-1ubuntu3.debian.tar.xz
b139a04a1ba3693776f48f9aea77b50aef078e76 9751 cups_2.2.7-1ubuntu3_source.buildinfo
Checksums-Sha256:
302572a3bbf8e6dda5dcd73f93b126f4fa53030ce0e9487190a89a9c46d28333 3639 cups_2.2.7-1ubuntu3.dsc
dfc6af7105d26b27522b2f4c3876dc570ecddc7e67fb3233b08dd8ff27f6d4bb 358352 cups_2.2.7-1ubuntu3.debian.tar.xz
7b7db960ffadc96c34362c02815ee58ffaaf8827f4e571285d9d340ca800ae08 9751 cups_2.2.7-1ubuntu3_source.buildinfo
Files:
dd9b25a31b2ae5c44a6d1e1bc1d2f6f7 3639 net optional cups_2.2.7-1ubuntu3.dsc
dabbb5ab827f8378d4257c02458bbc2c 358352 net optional cups_2.2.7-1ubuntu3.debian.tar.xz
47344b0bc9a27bb7ed8e615963a4a158 9751 net optional cups_2.2.7-1ubuntu3_source.buildinfo
Original-Maintainer: Debian Printing Team <debian-printing at lists.debian.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAltHUS8ACgkQZWnYVadE
vpOWTw/+Jhwsw3c+7DJgmeULYE7GNZLrTuN7ffB5+o2y3f+QPKV2Rr48I4NPGZ1g
cV1q/WWH/I3g3YZYvO1szm3NiFq9LgMt26lyxOULj3DX4lHzX6Qgs5eGzxad5Y65
JH2ym2ynbi6d/4dGggiIvw8sxxsJcreROLHX8zEfWiqZmT2yga+OkfWsp3aGoYlH
ITWFD3KiGOUxzLxWpBy83ahlnE3mepO7YN0bC6rH1gNDYvNVft5+ExCxCQQHfG48
QtzkVY4OfWzkfPJkTGblhhT8AEDfT1G8W2vLBE5RrR9+wly4s6195vyZ3TNB2qdz
afd1WbBlmgb4UznrtFhu7dRH9f56et62Ml5WmKMtT+nbSR02XKFu1v2eKMVo1JFH
4lNvozB8de2SnOwlchW58IczNziBCxGlNCk15vIA5JQhrtfU35x7lCGZZJPqi3/D
LodU/LsyOyg8WDEMffLumbK9u5jWvTZhtejpdTv1zjmJfJWabrsAmjaXQ0s0rcIA
mQ/xo1ugcBzISw7Aj1w7Hn0Ga3j71BscKY9H2X9cbZGK3xv2L4xbZNY4kX2vB3Zm
wrBEIeraB7g2EUvVC9xGiuVgsvEFvJDeNNNwkKGguMJKdGKyv2iLsU7noPu3w0NE
+zuMOHqbwhNwRSbuQbH6ktN32fmr8e4neGp4IKXNUid61VcXG00=
=EesU
-----END PGP SIGNATURE-----
More information about the Cosmic-changes
mailing list