Oval Definition:	oval:com.redhat.rhsa:def:20201050
Revision Date: 2020-03-31 Version: 636 Title: RHSA-2020:1050: cups security and bug fix update (Moderate) Description: The Common UNIX Printing System (CUPS) provides a portable printing layer for Linux, UNIX, and similar operating systems. Security Fix(es): cups: Local privilege escalation to root due to insecure environment variable handling (CVE-2018-4180) cups: Manipulation of cupsd.conf by a local attacker resulting in limited reads of arbitrary files as root (CVE-2018-4181) cups: Predictable session cookie breaks CSRF protection (CVE-2018-4700) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section. Family: unix Class: patch Status: Reference(s): CVE-2018-4180 CVE-2018-4181 CVE-2018-4300 CVE-2018-4700 RHSA-2020:1050 Platform(s): Red Hat Enterprise Linux 7 Product(s): Definition Synopsis Red Hat Enterprise Linux must be installed OR Package Information Red Hat Enterprise Linux 7 is installed AND cups is earlier than 1:1.6.3-43.el7 AND cups is signed with Red Hat redhatrelease2 key cups-client is earlier than 1:1.6.3-43.el7 AND cups-client is signed with Red Hat redhatrelease2 key cups-devel is earlier than 1:1.6.3-43.el7 AND cups-devel is signed with Red Hat redhatrelease2 key cups-filesystem is earlier than 1:1.6.3-43.el7 AND cups-filesystem is signed with Red Hat redhatrelease2 key cups-ipptool is earlier than 1:1.6.3-43.el7 AND cups-ipptool is signed with Red Hat redhatrelease2 key cups-libs is earlier than 1:1.6.3-43.el7 AND cups-libs is signed with Red Hat redhatrelease2 key cups-lpd is earlier than 1:1.6.3-43.el7 AND cups-lpd is signed with Red Hat redhatrelease2 key
BACK