Summary: | <net-print/cups-{2.2.8,2.3_beta7}: multiple vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | D'juan McDonald (domhnall) <flopwiki> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | printing |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://support.apple.com/en-us/HT208849 | ||
Whiteboard: | B1 [glsa+ cve] | ||
Package list: | Runtime testing required: | --- |
Description
D'juan McDonald (domhnall)
2018-07-11 18:34:11 UTC
Patches at: https://github.com/apple/cups/commit/d47f6aec436e0e9df6554436e391471097686ecc address issues for the follow CVEs: CVE-2018-4180, CVE-2018-4181, CVE-2018-4182, CVE-2018-4183, CVE-2018-655 tree has 2.2.7 stable (possibly fixed via backport) tree has 2.2.8 testing (fixed version available) see: https://github.com/apple/cups/blob/v2.3b5/CHANGES.md https://github.com/apple/cups/blob/v2.2.8/CHANGES.md however, https://nvd.nist.gov/vuln/detail/CVE-2017-15400 and https://bugs.chromium.org/p/chromium/issues/detail?id=777215 #comment 41 imo implies it was filed by the Chromium Project for: Google Chrome 61.0.3163.123 (Official Build) (64-bit) Further Referece: https://blog.gdssecurity.com/labs/2018/7/11/cups-local-privilege-escalation-and-sandbox-escapes.html Gentoo Security Padawan (domhnall) This issue was resolved and addressed in GLSA 201908-08 at https://security.gentoo.org/glsa/201908-08 by GLSA coordinator Aaron Bauman (b-man). |