Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

Ubuntu 18.04 LTS: USN-3842-1 Moderate: CUPS Information Exposure

ubuntu
Calendar Grey December 10, 2018
Dist Ubuntu Esm H88
Critical CUPS flaw in Ubuntu may reveal confidential data. Security patches released to address vulnerabilities.
CUPS could be made to expose sensitive information.

Summary

CUPS could be made to expose sensitive information.

Software Description:

- cups: Common UNIX Printing System(tm)

Details:

Jann Horn discovered that CUPS incorrectly handled session cookie

randomness. A remote attacker could possibly use this issue to perform

cross-site request forgery (CSRF) attacks.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.10:
  cups                            2.2.8-5ubuntu1.1

Ubuntu 18.04 LTS:
  cups                            2.2.7-1ubuntu2.2

Ubuntu 16.04 LTS:
  cups                            2.1.3-4ubuntu0.6

Ubuntu 14.04 LTS:
  cups                            1.7.2-0ubuntu1.11

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-3842-1

CVE-2018-4700

December 10, 2018

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here