UbuntuUpdates.org

Package "cups"

Name: cups

Description:

Common UNIX Printing System(tm) - PPD/driver support, web interface
Latest version: 2.2.7-1ubuntu2.10
Release: bionic (18.04)
Level: updates
Repository: main
Homepage: https://www.cups.org/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "cups"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "cups" in Bionic

Repository Area Version
base main 2.2.7-1ubuntu2
security main 2.2.7-1ubuntu2.10

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2.2.7-1ubuntu2.5 2019-05-15 23:06:35 UTC

  cups (2.2.7-1ubuntu2.5) bionic; urgency=medium

  * d/p/systemd-service-for-cupsd-after-sssd.patch: Start cupsd after sssd if
    installed (LP: #1822062)

 -- Victor Tapia <email address hidden> Wed, 24 Apr 2019 16:58:30 +0200
Source diff to previous version
1822062 Race condition on boot between cups and sssd

Version: 2.2.7-1ubuntu2.4 2019-03-18 12:06:27 UTC

  cups (2.2.7-1ubuntu2.4) bionic; urgency=medium

  * fix-a-parsing-bug-in-the-new-authentication-code.patch,
    fix-cups-auth-find-for-schemes-without-parameters.patch: Backported
    authentication fixes from upstream (LP: #1783298).

 -- Till Kamppeter <email address hidden> Sun, 3 Mar 2019 12:28:01 +0100
Source diff to previous version
1783298 [SRU] AuthInfoRequired negotiate in cups 2.2.7 in Bionic does not work

Version: 2.2.7-1ubuntu2.3 2019-01-17 12:06:31 UTC

  cups (2.2.7-1ubuntu2.3) bionic; urgency=medium

  * fix-handling-of-MaxJobTime.patch: Fix handling of MaxJobTime 0
    (LP: #1804576)

 -- Dariusz Gadomski <email address hidden> Wed, 12 Dec 2018 08:31:14 +0100
Source diff to previous version
1804576 MaxJobTime=0 results in jobs being cancelled immediately instead of never

Version: 2.2.7-1ubuntu2.2 2018-12-10 18:06:21 UTC

  cups (2.2.7-1ubuntu2.2) bionic-security; urgency=medium

  * SECURITY UPDATE: predictable session cookies
    - debian/patches/CVE-2018-4700.patch: use better seed in cgi-bin/var.c.
    - CVE-2018-4700

 -- Marc Deslauriers <email address hidden> Fri, 16 Nov 2018 14:05:42 -0500
Source diff to previous version
CVE-2018-4700 Linux session cookies used a predictable random number seed

Version: 2.2.7-1ubuntu2.1 2018-07-11 18:07:32 UTC

  cups (2.2.7-1ubuntu2.1) bionic-security; urgency=medium

  * SECURITY UPDATE: privilege escalation in dnssd backend
    - debian/patches/CVE-2018-418x.patch: don't allow PassEnv and SetEnv to
      override standard variables in man/cups-files.conf.man.in,
      man/cupsd.conf.man.in, scheduler/conf.c, test/run-stp-tests.sh.
    - CVE-2018-4180
  * SECURITY UPDATE: local file read via Include directive
    - debian/patches/CVE-2018-418x.patch: remove Include directive handling
      in scheduler/conf.c.
    - CVE-2018-4181
  * SECURITY UPDATE: AppArmor sandbox bypass
    - debian/local/apparmor-profile: also confine
      /usr/lib/cups/backend/mdns.
    - CVE-2018-6553

 -- Marc Deslauriers <email address hidden> Fri, 22 Jun 2018 13:36:08 -0400
CVE-2018-4180 Local Privilege Escalation to Root in dnssd Backend (CUPS_SERVERBIN)
CVE-2018-4181 Limited Local File Reads as Root via cupsd.conf Include Directive
CVE-2018-6553 AppArmor profile issue in cups


About   -   Send Feedback to @ubuntu_updates