Oval Definition:	oval:org.opensuse.security:def:56559
Revision Date: 2020-12-01 Version: 1 Title: Security update for cups (Moderate) Description: This update for cups fixes the following issues: The following security vulnerabilities were fixed: - CVE-2017-18248: Handle invalid characters properly in printing jobs. This fixes a problem that was causing the DBUS library to abort the calling process. (bsc#1061066 bsc#1087018) - Fixed a local privilege escalation to root and sandbox bypasses in the scheduler - CVE-2018-4180: Fixed a local privilege escalation to root in dnssd backend (bsc#1096405) - CVE-2018-4181: Limited local file reads as root via cupsd.conf include directive (bsc#1096406) - CVE-2018-4182: Fixed a sandbox bypass due to insecure error handling (bsc#1096407) - CVE-2018-4183: Fixed a sandbox bypass due to profile misconfiguration (bsc#1096408) The following other issue was fixed: - Fixed authorization check for clients (like samba) connected through the local socket when Kerberos authentication is enabled (bsc#1050082) Family: unix Class: patch Status: Reference(s): 1000394 1000399 1000434 1000436 1000686 1000688 1000689 1000690 1000691 1000692 1000693 1000694 1000695 1000696 1000697 1000698 1000699 1000700 1000701 1000702 1000703 1000704 1000706 1000707 1000708 1000709 1000711 1000712 1000713 1000714 1000715 1001066 1001221 1002206 1002209 1002421 1002422 1003629 1005123 1005125 1005127 1005328 1044947 1050082 1059777 1061066 1061076 1061077 1061080 1061081 1061082 1061084 1061086 1061087 1082858 1084688 1084690 1084691 1087018 1096405 1096406 1096407 1096408 1101410 1101412 1101654 1103040 1103200 1103353 1122293 1122299 1130103 1132549 1132664 1132728 1132729 1132732 1133528 1134297 1135824 1144504 1149458 1151839 953516 953519 953521 959886 960158 963230 965897 967122 970423 970860 972612 972727 973848 976766 978275 CVE-2011-1145 CVE-2011-2199 CVE-2014-9756 CVE-2014-9770 CVE-2014-9907 CVE-2015-0247 CVE-2015-1572 CVE-2015-7805 CVE-2015-8075 CVE-2015-8842 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 CVE-2016-7522 CVE-2016-7523 CVE-2016-7524 CVE-2016-7525 CVE-2016-7526 CVE-2016-7527 CVE-2016-7528 CVE-2016-7529 CVE-2016-7530 CVE-2016-7531 CVE-2016-7532 CVE-2016-7533 CVE-2016-7534 CVE-2016-7535 CVE-2016-7537 CVE-2016-7538 CVE-2016-7539 CVE-2016-7540 CVE-2016-7799 CVE-2016-7800 CVE-2016-7996 CVE-2016-7997 CVE-2016-8677 CVE-2016-8682 CVE-2016-8683 CVE-2016-8684 CVE-2017-15588 CVE-2017-15589 CVE-2017-15590 CVE-2017-15591 CVE-2017-15592 CVE-2017-15593 CVE-2017-15594 CVE-2017-15595 CVE-2017-18248 CVE-2017-5526 CVE-2017-7508 CVE-2017-7520 CVE-2017-7521 CVE-2018-0360 CVE-2018-0361 CVE-2018-1000085 CVE-2018-11212 CVE-2018-14679 CVE-2018-4180 CVE-2018-4181 CVE-2018-4182 CVE-2018-4183 CVE-2018-5800 CVE-2018-5801 CVE-2018-5802 CVE-2018-5810 CVE-2018-5813 CVE-2019-11234 CVE-2019-11235 CVE-2019-11691 CVE-2019-11692 CVE-2019-11693 CVE-2019-11694 CVE-2019-11698 CVE-2019-12625 CVE-2019-12900 CVE-2019-2422 CVE-2019-2426 CVE-2019-2602 CVE-2019-2684 CVE-2019-2698 CVE-2019-3859 CVE-2019-7317 CVE-2019-9800 CVE-2019-9815 CVE-2019-9816 CVE-2019-9817 CVE-2019-9818 CVE-2019-9819 CVE-2019-9820 SUSE-SU-2015:2000-2 SUSE-SU-2016:1346-1 SUSE-SU-2016:2667-1 SUSE-SU-2017:1635-1 SUSE-SU-2017:2873-1 SUSE-SU-2018:2162-1 SUSE-SU-2018:2323-1 SUSE-SU-2018:3343-1 SUSE-SU-2019:1039-1 SUSE-SU-2019:1060-1 SUSE-SU-2019:1388-1 SUSE-SU-2019:1392-1 SUSE-SU-2019:3066-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND libapr1-1.6.3-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information GraphicsMagick-1.3.29-lp151.4.6 is installed OR GraphicsMagick-devel-1.3.29-lp151.4.6 is installed OR libGraphicsMagick++-Q16-12-1.3.29-lp151.4.6 is installed OR libGraphicsMagick++-devel-1.3.29-lp151.4.6 is installed OR libGraphicsMagick-Q16-3-1.3.29-lp151.4.6 is installed OR libGraphicsMagick3-config-1.3.29-lp151.4.6 is installed OR libGraphicsMagickWand-Q16-2-1.3.29-lp151.4.6 is installed OR perl-GraphicsMagick-1.3.29-lp151.4.6 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information cups-1.7.5-20.14 is installed OR cups-client-1.7.5-20.14 is installed OR cups-libs-1.7.5-20.14 is installed OR cups-libs-32bit-1.7.5-20.14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND tftp-5.2-10 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND clamav-0.100.1-33.15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information e2fsprogs-1.42.11-7 is installed OR libcom_err2-1.42.11-7 is installed OR libcom_err2-32bit-1.42.11-7 is installed OR libext2fs2-1.42.11-7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information kernel-firmware-20170530-21.22 is installed OR ucode-amd-20170530-21.22 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information libvirt-2.0.0-27.42 is installed OR libvirt-client-2.0.0-27.42 is installed OR libvirt-daemon-2.0.0-27.42 is installed OR libvirt-daemon-config-network-2.0.0-27.42 is installed OR libvirt-daemon-config-nwfilter-2.0.0-27.42 is installed OR libvirt-daemon-driver-interface-2.0.0-27.42 is installed OR libvirt-daemon-driver-libxl-2.0.0-27.42 is installed OR libvirt-daemon-driver-lxc-2.0.0-27.42 is installed OR libvirt-daemon-driver-network-2.0.0-27.42 is installed OR libvirt-daemon-driver-nodedev-2.0.0-27.42 is installed OR libvirt-daemon-driver-nwfilter-2.0.0-27.42 is installed OR libvirt-daemon-driver-qemu-2.0.0-27.42 is installed OR libvirt-daemon-driver-secret-2.0.0-27.42 is installed OR libvirt-daemon-driver-storage-2.0.0-27.42 is installed OR libvirt-daemon-hooks-2.0.0-27.42 is installed OR libvirt-daemon-lxc-2.0.0-27.42 is installed OR libvirt-daemon-qemu-2.0.0-27.42 is installed OR libvirt-daemon-xen-2.0.0-27.42 is installed OR libvirt-doc-2.0.0-27.42 is installed OR libvirt-lock-sanlock-2.0.0-27.42 is installed OR libvirt-nss-2.0.0-27.42 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information openslp-2.0.0-18.17 is installed OR openslp-32bit-2.0.0-18.17 is installed OR openslp-server-2.0.0-18.17 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libQt5Concurrent5-5.6.2-5 is installed OR libQt5Core5-5.6.2-5 is installed OR libQt5DBus5-5.6.2-5 is installed OR libQt5Gui5-5.6.2-5 is installed OR libQt5Network5-5.6.2-5 is installed OR libQt5OpenGL5-5.6.2-5 is installed OR libQt5PrintSupport5-5.6.2-5 is installed OR libQt5Sql5-5.6.2-5 is installed OR libQt5Sql5-mysql-5.6.2-5 is installed OR libQt5Sql5-postgresql-5.6.2-5 is installed OR libQt5Sql5-sqlite-5.6.2-5 is installed OR libQt5Sql5-unixODBC-5.6.2-5 is installed OR libQt5Test5-5.6.2-5 is installed OR libQt5Widgets5-5.6.2-5 is installed OR libQt5Xml5-5.6.2-5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.50-38.41 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_162-94_72-default-6-2 is installed OR kgraft-patch-SLE12-SP3_Update_22-6-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information python-PyYAML-5.1.2-26.9 is installed OR python-asn1crypto-0.24.0-2.5 is installed OR python-packaging-17.1-2.5 is installed OR python3-PyYAML-5.1.2-26.9 is installed OR python3-asn1crypto-0.24.0-2.5 is installed OR python3-packaging-17.1-2.5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND apache-commons-httpclient-3.1-4 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information openvpn-2.3.8-16.17 is installed OR openvpn-auth-pam-plugin-2.3.8-16.17 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information freeradius-server-3.0.3-17.12 is installed OR freeradius-server-doc-3.0.3-17.12 is installed OR freeradius-server-krb5-3.0.3-17.12 is installed OR freeradius-server-ldap-3.0.3-17.12 is installed OR freeradius-server-libs-3.0.3-17.12 is installed OR freeradius-server-mysql-3.0.3-17.12 is installed OR freeradius-server-perl-3.0.3-17.12 is installed OR freeradius-server-postgresql-3.0.3-17.12 is installed OR freeradius-server-python-3.0.3-17.12 is installed OR freeradius-server-sqlite-3.0.3-17.12 is installed OR freeradius-server-utils-3.0.3-17.12 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND squid-3.5.21-26.20 is installed
BACK