===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2018.1932
[DLA 1412-1] cups security update
4 July 2018

===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product:           cups
Publisher:         Debian
Operating System:  Debian GNU/Linux 8
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Denial of Service               -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2017-18248 CVE-2017-18190

Reference:         ESB-2018.1603
                   ESB-2018.0640
                   ESB-2018.0516

Original Bulletin:
   https://lists.debian.org/debian-lts-announce/2018/07/msg00003.html

--------------------------BEGIN INCLUDED TEXT--------------------

Package        : cups
Version        : 1.7.5-11+deb8u3
CVE ID         : CVE-2017-18190 CVE-2017-18248

Two vulnerabilities affecting the cups printing server were found
which can lead to arbitrary IPP command execution and denial of
service.

CVE-2017-18190

    A localhost.localdomain whitelist entry in valid_host() in
    scheduler/client.c in CUPS before 2.2.2 allows remote attackers to
    execute arbitrary IPP commands by sending POST requests to the
    CUPS daemon in conjunction with DNS rebinding. The
    localhost.localdomain name is often resolved via a DNS server
    (neither the OS nor the web browser is responsible for ensuring
    that localhost.localdomain is 127.0.0.1).

CVE-2017-18248

    The add_job function in scheduler/ipp.c in CUPS before 2.2.6, when
    D-Bus support is enabled, can be crashed by remote attackers by
    sending print jobs with an invalid username, related to a D-Bus
    notification.

For Debian 8 "Jessie", these problems have been fixed in version
1.7.5-11+deb8u3.

We recommend that you upgrade your cups packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

--------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
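
The allowlist problem described under CVE-2017-18190, as an added example: a simplified model written for this page, not code from CUPS, Debian or AusCERT. It shows a Host-header check that accepts localhost.localdomain next to the same check without that entry. The function names, the port-stripping helper and the sample headers are assumptions.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* Copy the host part of a Host header value into out: drops ":port" and a
 * trailing dot, keeps the brackets of an IPv6 literal. Returns 0 on success. */
static int host_part(const char *hdr, char *out, size_t outlen)
{
    size_t n;
    if (hdr[0] == '[') {                        /* e.g. "[::1]:631" */
        const char *end = strchr(hdr, ']');
        if (!end) return -1;
        n = (size_t)(end - hdr) + 1;
    } else {
        n = strcspn(hdr, ":");                  /* e.g. "name:631" or "name" */
    }
    if (n == 0 || n >= outlen) return -1;
    memcpy(out, hdr, n);
    out[n] = '\0';
    if (out[n - 1] == '.') out[n - 1] = '\0';   /* e.g. "localhost." */
    return 0;
}

static int in_list(const char *hdr, const char *const *list)
{
    char host[256];
    if (host_part(hdr, host, sizeof(host)) != 0) return 0;
    for (; *list; list++)
        if (strcasecmp(host, *list) == 0) return 1;
    return 0;
}

/* Before: trusts a name the advisory notes is often resolved via a DNS server. */
static const char *const WEAK[] =
    { "localhost", "localhost.localdomain", "127.0.0.1", "[::1]", NULL };
/* After: the localhost.localdomain entry is gone. */
static const char *const STRICT[] = { "localhost", "127.0.0.1", "[::1]", NULL };

int host_allowed_weak(const char *hdr)   { return in_list(hdr, WEAK); }
int host_allowed_strict(const char *hdr) { return in_list(hdr, STRICT); }

int main(void)
{
    const char *samples[] = { "localhost:631", "[::1]:631",   /* constructed */
                              "localhost.localdomain:631", "printer.example:631" };
    for (size_t i = 0; i < 4; i++)
        printf("%-28s weak=%d strict=%d\n", samples[i],
               host_allowed_weak(samples[i]), host_allowed_strict(samples[i]));
    return 0;
}
```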