Package "cups"

Name: cups


Common UNIX Printing System(tm) - PPD/driver support, web interface

Latest version: 2.2.12-2ubuntu1.1
Release: eoan (19.10)
Level: security
Repository: main
Homepage: https://www.cups.org/


Download "cups"

Other versions of "cups" in Eoan

Repository Area Version
base main 2.2.12-2ubuntu1
updates main 2.2.12-2ubuntu1.1

Packages in group

Deleted packages are displayed in grey.


Version: 2.2.12-2ubuntu1.1 2020-04-27 16:06:31 UTC

  cups (2.2.12-2ubuntu1.1) eoan-security; urgency=medium

  * SECURITY UPDATE: information disclosure via OOB read
    - debian/patches/CVE-2019-2228.patch: fix ippSetValueTag validation of
      default language in cups/ipp.c.
    - CVE-2019-2228
  * SECURITY UPDATE: heap-based buffer overflow
    - debian/patches/CVE-2020-3898.patch: properly handle invalid
      resolution names in cups/ppd.c, ppdc/ppdc-source.cxx.
    - CVE-2020-3898

 -- Marc Deslauriers <email address hidden> Fri, 24 Apr 2020 10:39:27 -0400

CVE-2019-2228 In array_find of array.c, there is a possible out-of-bounds read due to an incorrect bounds check. This could lead to local information disclosure in
CVE-2020-3898 heap based buffer overflow in libcups's ppdFindOption() in ppd-mark.c

About   -   Send Feedback to @ubuntu_updates