Publishing details
-
Removed from disk
.
-
Removal requested
.
-
Superseded
by cups - 1.7.2-0ubuntu1.11
-
Published
-
Copied from
ubuntu trusty in
Private PPA for Ubuntu Security Team
by Ubuntu Archive Robot
Changelog
cups (1.7.2-0ubuntu1.10) trusty-security; urgency=medium
* SECURITY UPDATE: scheduler crash via DBUS notifications
- debian/patches/CVE-2017-18248.patch: validate requesting-user-name in
scheduler/ipp.c.
- CVE-2017-18248
* SECURITY UPDATE: privilege escalation in dnssd backend
- debian/patches/CVE-2018-418x.patch: don't allow PassEnv and SetEnv to
override standard variables in man/cups-files.conf.man.in,
man/cupsd.conf.man.in, scheduler/conf.c.
- CVE-2018-4180
* SECURITY UPDATE: local file read via Include directive
- debian/patches/CVE-2018-418x.patch: remove Include directive handling
in scheduler/conf.c.
- CVE-2018-4181
* SECURITY UPDATE: AppArmor sandbox bypass
- debian/local/apparmor-profile: also confine
/usr/lib/cups/backend/mdns.
- CVE-2018-6553
-- Marc Deslauriers <email address hidden> Fri, 22 Jun 2018 13:53:17 -0400
Builds
Package files