SUSE-SU-2018:2233-1
- Source
- https://www.suse.com/support/update/announcement/2018/suse-su-20182233-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2018:2233-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2018:2233-1
- Upstream
- Related
- Published
- 2018-08-07T10:47:47Z
- Modified
- 2025-05-02T04:08:19.657856Z
- Summary
- Security update for cups
- Details
-
This update for cups fixes the following issues:
Security issues fixed:
- CVE-2018-4180: Fix local privilege escalation to root in dnssd backend (bsc#1096405).
- CVE-2018-4181: Limited local file reads as root via cupsd.conf include directive (bsc#1096406).
- CVE-2018-4182: Fix cups-exec sandbox bypass due to insecure error handling (bsc#1096407).
- CVE-2018-4183: Fix cups-exec sandbox bypass due to profile misconfiguration (bsc#1096408).
- References
-
- https://www.suse.com/support/update/announcement/2018/suse-su-20182233-1/
- https://bugzilla.suse.com/1096405
- https://bugzilla.suse.com/1096406
- https://bugzilla.suse.com/1096407
- https://bugzilla.suse.com/1096408
- https://www.suse.com/security/cve/CVE-2018-4180
- https://www.suse.com/security/cve/CVE-2018-4181
- https://www.suse.com/security/cve/CVE-2018-4182
- https://www.suse.com/security/cve/CVE-2018-4183
Affected packages
SUSE:Linux Enterprise Server 11 SP4
cups
Package
- Name
- cups
- Purl
- pkg:rpm/suse/cups&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.3.9-8.46.56.3.1
SUSE:Linux Enterprise Server for SAP Applications 11 SP4
cups
Package
- Name
- cups
- Purl
- pkg:rpm/suse/cups&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.3.9-8.46.56.3.1