[ubuntu/cosmic-proposed] cups 2.2.7-1ubuntu3 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Thu Jul 12 13:04:14 UTC 2018 

cups (2.2.7-1ubuntu3) cosmic; urgency=medium

  * SECURITY UPDATE: privilege escalation in dnssd backend
    - debian/patches/CVE-2018-418x.patch: don't allow PassEnv and SetEnv to
      override standard variables in man/cups-files.conf.man.in,
      man/cupsd.conf.man.in, scheduler/conf.c, test/run-stp-tests.sh.
    - CVE-2018-4180
  * SECURITY UPDATE: local file read via Include directive
    - debian/patches/CVE-2018-418x.patch: remove Include directive handling
      in scheduler/conf.c.
    - CVE-2018-4181
  * SECURITY UPDATE: AppArmor sandbox bypass
    - debian/local/apparmor-profile: also confine
      /usr/lib/cups/backend/mdns.
    - CVE-2018-6553

Date: Fri, 22 Jun 2018 13:02:42 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/cups/2.2.7-1ubuntu3
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 22 Jun 2018 13:02:42 -0400
Source: cups
Binary: libcups2 libcupsimage2 libcupscgi1 libcupsmime1 libcupsppdc1 cups cups-core-drivers cups-daemon cups-client cups-ipp-utils libcups2-dev libcupsimage2-dev cups-bsd cups-common cups-server-common cups-ppdc
Architecture: source
Version: 2.2.7-1ubuntu3
Distribution: cosmic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
 cups       - Common UNIX Printing System(tm) - PPD/driver support, web interfa
 cups-bsd   - Common UNIX Printing System(tm) - BSD commands
 cups-client - Common UNIX Printing System(tm) - client programs (SysV)
 cups-common - Common UNIX Printing System(tm) - common files
 cups-core-drivers - Common UNIX Printing System(tm) - driverless printing
 cups-daemon - Common UNIX Printing System(tm) - daemon
 cups-ipp-utils - Common UNIX Printing System(tm) - IPP developer/admin utilities
 cups-ppdc  - Common UNIX Printing System(tm) - PPD manipulation utilities
 cups-server-common - Common UNIX Printing System(tm) - server common files
 libcups2   - Common UNIX Printing System(tm) - Core library
 libcups2-dev - Common UNIX Printing System(tm) - Development files CUPS library
 libcupscgi1 - Common UNIX Printing System(tm) - CGI library
 libcupsimage2 - Common UNIX Printing System(tm) - Raster image library
 libcupsimage2-dev - Common UNIX Printing System(tm) - Development files CUPS image li
 libcupsmime1 - Common UNIX Printing System(tm) - MIME library
 libcupsppdc1 - Common UNIX Printing System(tm) - PPD manipulation library
Changes:
 cups (2.2.7-1ubuntu3) cosmic; urgency=medium
 .
   * SECURITY UPDATE: privilege escalation in dnssd backend
     - debian/patches/CVE-2018-418x.patch: don't allow PassEnv and SetEnv to
       override standard variables in man/cups-files.conf.man.in,
       man/cupsd.conf.man.in, scheduler/conf.c, test/run-stp-tests.sh.
     - CVE-2018-4180
   * SECURITY UPDATE: local file read via Include directive
     - debian/patches/CVE-2018-418x.patch: remove Include directive handling
       in scheduler/conf.c.
     - CVE-2018-4181
   * SECURITY UPDATE: AppArmor sandbox bypass
     - debian/local/apparmor-profile: also confine
       /usr/lib/cups/backend/mdns.
     - CVE-2018-6553
Checksums-Sha1:
 b3baa0c7ec8e57a7ee957ce8fcd3216e1257d179 3639 cups_2.2.7-1ubuntu3.dsc
 6efd040790e0841bd1977409ac570d074f841a4b 358352 cups_2.2.7-1ubuntu3.debian.tar.xz
 b139a04a1ba3693776f48f9aea77b50aef078e76 9751 cups_2.2.7-1ubuntu3_source.buildinfo
Checksums-Sha256:
 302572a3bbf8e6dda5dcd73f93b126f4fa53030ce0e9487190a89a9c46d28333 3639 cups_2.2.7-1ubuntu3.dsc
 dfc6af7105d26b27522b2f4c3876dc570ecddc7e67fb3233b08dd8ff27f6d4bb 358352 cups_2.2.7-1ubuntu3.debian.tar.xz
 7b7db960ffadc96c34362c02815ee58ffaaf8827f4e571285d9d340ca800ae08 9751 cups_2.2.7-1ubuntu3_source.buildinfo
Files:
 dd9b25a31b2ae5c44a6d1e1bc1d2f6f7 3639 net optional cups_2.2.7-1ubuntu3.dsc
 dabbb5ab827f8378d4257c02458bbc2c 358352 net optional cups_2.2.7-1ubuntu3.debian.tar.xz
 47344b0bc9a27bb7ed8e615963a4a158 9751 net optional cups_2.2.7-1ubuntu3_source.buildinfo
Original-Maintainer: Debian Printing Team <debian-printing at lists.debian.org>

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAltHUS8ACgkQZWnYVadE
vpOWTw/+Jhwsw3c+7DJgmeULYE7GNZLrTuN7ffB5+o2y3f+QPKV2Rr48I4NPGZ1g
cV1q/WWH/I3g3YZYvO1szm3NiFq9LgMt26lyxOULj3DX4lHzX6Qgs5eGzxad5Y65
JH2ym2ynbi6d/4dGggiIvw8sxxsJcreROLHX8zEfWiqZmT2yga+OkfWsp3aGoYlH
ITWFD3KiGOUxzLxWpBy83ahlnE3mepO7YN0bC6rH1gNDYvNVft5+ExCxCQQHfG48
QtzkVY4OfWzkfPJkTGblhhT8AEDfT1G8W2vLBE5RrR9+wly4s6195vyZ3TNB2qdz
afd1WbBlmgb4UznrtFhu7dRH9f56et62Ml5WmKMtT+nbSR02XKFu1v2eKMVo1JFH
4lNvozB8de2SnOwlchW58IczNziBCxGlNCk15vIA5JQhrtfU35x7lCGZZJPqi3/D
LodU/LsyOyg8WDEMffLumbK9u5jWvTZhtejpdTv1zjmJfJWabrsAmjaXQ0s0rcIA
mQ/xo1ugcBzISw7Aj1w7Hn0Ga3j71BscKY9H2X9cbZGK3xv2L4xbZNY4kX2vB3Zm
wrBEIeraB7g2EUvVC9xGiuVgsvEFvJDeNNNwkKGguMJKdGKyv2iLsU7noPu3w0NE
+zuMOHqbwhNwRSbuQbH6ktN32fmr8e4neGp4IKXNUid61VcXG00=
=EesU
-----END PGP SIGNATURE-----

More information about the Cosmic-changes mailing list