UbuntuUpdates.org

Package "cups"

Name: cups

Description:

Common UNIX Printing System(tm) - PPD/driver support, web interface
Latest version: 1.7.2-0ubuntu1.11
Release: trusty (14.04)
Level: updates
Repository: main
Homepage: http://www.cups.org

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "cups"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "cups" in Trusty

Repository Area Version
base main 1.7.2-0ubuntu1
security main 1.7.2-0ubuntu1.11

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1.7.2-0ubuntu1.6 2015-06-10 14:07:00 UTC

  cups (1.7.2-0ubuntu1.6) trusty-security; urgency=medium

  * SECURITY UPDATE: privilege escalation through dynamic linker and
    isolated vulnerabilities
    - debian/patches/str4609.patch: apply patch from upstream to
      cgi-bin/ipp-var.c, cgi-bin/template.c, scheduler/client.c,
      scheduler/env.c, scheduler/ipp.c, scheduler/job.c, scheduler/main.c.
    - CVE number pending

 -- Marc Deslauriers <email address hidden> Thu, 04 Jun 2015 08:08:11 -0400
Source diff to previous version

Version: 1.7.2-0ubuntu1.5 2015-02-26 18:07:00 UTC

  cups (1.7.2-0ubuntu1.5) trusty-security; urgency=medium

  * SECURITY UPDATE: buffer overflow in cupsRasterReadPixels
    - debian/patches/CVE-2014-9679.patch: validate cupsBytesPerLine and
      clear returned buffer in filter/raster.c.
    - CVE-2014-9679
 -- Marc Deslauriers <email address hidden> Wed, 25 Feb 2015 14:03:54 -0500
Source diff to previous version
CVE-2014-9679 Integer underflow in the cupsRasterReadPixels function in filter/raster.c in CUPS before 2.0.2 allows remote attackers to have unspecified impact via

Version: 1.7.2-0ubuntu1.4 2015-02-24 21:08:06 UTC

  cups (1.7.2-0ubuntu1.4) trusty-proposed; urgency=medium

  * Fix -h option not honoured when CUPS_SERVER variable
    is defined. (LP: #1352809)
 -- Louis Bouchard <email address hidden> Mon, 09 Feb 2015 11:22:42 +0100
Source diff to previous version
1352809 /usr/bin/lp on Trusty using -h option doesn't work as expected

Version: 1.7.2-0ubuntu1.2 2014-09-08 16:06:25 UTC

  cups (1.7.2-0ubuntu1.2) trusty-security; urgency=medium

  * SECURITY UPDATE: privilege escalation via symlinks and world-readable
    permissions
    - debian/patches/CVE-2014-50xx.patch: add some more symlink and
      permission checks to scheduler/client.c.
    - CVE-2014-5029
    - CVE-2014-5030
    - CVE-2014-5031
  * debian/patches/cups-restore-access-to-logfiles.patch: fix regressions
    caused by recent security updates by allowing access to cupsd.conf and
    the log files. (LP: #1349387)
 -- Marc Deslauriers <email address hidden> Fri, 05 Sep 2014 15:04:59 -0400
Source diff to previous version
1349387 server settings are inaccessible
CVE-2014-5029 The web interface in CUPS 1.7.4 allows local users in the lp group to ...
CVE-2014-5030 CUPS before 2.0 allows local users to read arbitrary files via a ...
CVE-2014-5031 The web interface in CUPS before 2.0 does not check that files have ...

Version: 1.7.2-0ubuntu1.1 2014-07-21 18:06:55 UTC

  cups (1.7.2-0ubuntu1.1) trusty-security; urgency=medium

  * SECURITY UPDATE: privilege escalation via rss dir symlink
    - debian/patches/CVE-2014-3537.patch: check for symlinks and proper
      permissions in scheduler/client.c.
    - CVE-2014-3537
 -- Marc Deslauriers <email address hidden> Fri, 18 Jul 2014 16:23:48 -0400
CVE-2014-3537 Insufficient checking leads to privilege escalation


About   -   Send Feedback to @ubuntu_updates