Oval Definition:oval:com.redhat.rhsa:def:20203864
Revision Date:2020-09-29Version:637
Title:RHSA-2020:3864: cups security and bug fix update (Moderate)
Description:The Common UNIX Printing System (CUPS) provides a portable printing layer for Linux, UNIX, and similar operating systems.

Security Fix(es):

  • cups: DNS rebinding attacks via incorrect whitelist (CVE-2017-18190)

  • cups: stack-buffer-overflow in libcups's asn1_get_type function (CVE-2019-8675)

  • cups: stack-buffer-overflow in libcups's asn1_get_packed function (CVE-2019-8696)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2017-18190
    CVE-2019-8675
    CVE-2019-8696
    RHSA-2020:3864
    Platform(s):Red Hat Enterprise Linux 7
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 7 is installed
  • AND
  • cups is earlier than 1:1.6.3-51.el7
  • AND cups is signed with Red Hat redhatrelease2 key
  • cups-client is earlier than 1:1.6.3-51.el7
  • AND cups-client is signed with Red Hat redhatrelease2 key
  • cups-devel is earlier than 1:1.6.3-51.el7
  • AND cups-devel is signed with Red Hat redhatrelease2 key
  • cups-filesystem is earlier than 1:1.6.3-51.el7
  • AND cups-filesystem is signed with Red Hat redhatrelease2 key
  • cups-ipptool is earlier than 1:1.6.3-51.el7
  • AND cups-ipptool is signed with Red Hat redhatrelease2 key
  • cups-libs is earlier than 1:1.6.3-51.el7
  • AND cups-libs is signed with Red Hat redhatrelease2 key
  • cups-lpd is earlier than 1:1.6.3-51.el7
  • AND cups-lpd is signed with Red Hat redhatrelease2 key
    • BACK