USN-6844-1 fixed vulnerabilities in the CUPS package. The update lead to the discovery of a regression in CUPS with regards to how the cupsd daemon handles Listen configuration directive. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details: Rory McNamara discovered that when starting the cupsd server with a Listen configuration item, the cupsd process fails to validate if bind call passed. An attacker could possibly trick cupsd to perform an arbitrary chmod of the provided argument, providing world-writable access to the target.
{
"binaries": [
{
"binary_name": "cups",
"binary_version": "2.1.3-4ubuntu0.11+esm7"
},
{
"binary_name": "cups-bsd",
"binary_version": "2.1.3-4ubuntu0.11+esm7"
},
{
"binary_name": "cups-client",
"binary_version": "2.1.3-4ubuntu0.11+esm7"
},
{
"binary_name": "cups-common",
"binary_version": "2.1.3-4ubuntu0.11+esm7"
},
{
"binary_name": "cups-core-drivers",
"binary_version": "2.1.3-4ubuntu0.11+esm7"
},
{
"binary_name": "cups-daemon",
"binary_version": "2.1.3-4ubuntu0.11+esm7"
},
{
"binary_name": "cups-ipp-utils",
"binary_version": "2.1.3-4ubuntu0.11+esm7"
},
{
"binary_name": "cups-ppdc",
"binary_version": "2.1.3-4ubuntu0.11+esm7"
},
{
"binary_name": "cups-server-common",
"binary_version": "2.1.3-4ubuntu0.11+esm7"
},
{
"binary_name": "libcups2",
"binary_version": "2.1.3-4ubuntu0.11+esm7"
},
{
"binary_name": "libcupscgi1",
"binary_version": "2.1.3-4ubuntu0.11+esm7"
},
{
"binary_name": "libcupsimage2",
"binary_version": "2.1.3-4ubuntu0.11+esm7"
},
{
"binary_name": "libcupsmime1",
"binary_version": "2.1.3-4ubuntu0.11+esm7"
},
{
"binary_name": "libcupsppdc1",
"binary_version": "2.1.3-4ubuntu0.11+esm7"
}
],
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro"
}
{
"binaries": [
{
"binary_name": "cups",
"binary_version": "2.2.7-1ubuntu2.10+esm5"
},
{
"binary_name": "cups-bsd",
"binary_version": "2.2.7-1ubuntu2.10+esm5"
},
{
"binary_name": "cups-client",
"binary_version": "2.2.7-1ubuntu2.10+esm5"
},
{
"binary_name": "cups-common",
"binary_version": "2.2.7-1ubuntu2.10+esm5"
},
{
"binary_name": "cups-core-drivers",
"binary_version": "2.2.7-1ubuntu2.10+esm5"
},
{
"binary_name": "cups-daemon",
"binary_version": "2.2.7-1ubuntu2.10+esm5"
},
{
"binary_name": "cups-ipp-utils",
"binary_version": "2.2.7-1ubuntu2.10+esm5"
},
{
"binary_name": "cups-ppdc",
"binary_version": "2.2.7-1ubuntu2.10+esm5"
},
{
"binary_name": "cups-server-common",
"binary_version": "2.2.7-1ubuntu2.10+esm5"
},
{
"binary_name": "libcups2",
"binary_version": "2.2.7-1ubuntu2.10+esm5"
},
{
"binary_name": "libcupscgi1",
"binary_version": "2.2.7-1ubuntu2.10+esm5"
},
{
"binary_name": "libcupsimage2",
"binary_version": "2.2.7-1ubuntu2.10+esm5"
},
{
"binary_name": "libcupsmime1",
"binary_version": "2.2.7-1ubuntu2.10+esm5"
},
{
"binary_name": "libcupsppdc1",
"binary_version": "2.2.7-1ubuntu2.10+esm5"
}
],
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro"
}
{
"binaries": [
{
"binary_name": "cups",
"binary_version": "2.3.1-9ubuntu1.8"
},
{
"binary_name": "cups-bsd",
"binary_version": "2.3.1-9ubuntu1.8"
},
{
"binary_name": "cups-client",
"binary_version": "2.3.1-9ubuntu1.8"
},
{
"binary_name": "cups-common",
"binary_version": "2.3.1-9ubuntu1.8"
},
{
"binary_name": "cups-core-drivers",
"binary_version": "2.3.1-9ubuntu1.8"
},
{
"binary_name": "cups-daemon",
"binary_version": "2.3.1-9ubuntu1.8"
},
{
"binary_name": "cups-ipp-utils",
"binary_version": "2.3.1-9ubuntu1.8"
},
{
"binary_name": "cups-ppdc",
"binary_version": "2.3.1-9ubuntu1.8"
},
{
"binary_name": "cups-server-common",
"binary_version": "2.3.1-9ubuntu1.8"
},
{
"binary_name": "libcups2",
"binary_version": "2.3.1-9ubuntu1.8"
},
{
"binary_name": "libcupsimage2",
"binary_version": "2.3.1-9ubuntu1.8"
}
],
"availability": "No subscription required"
}
{
"binaries": [
{
"binary_name": "cups",
"binary_version": "2.4.1op1-1ubuntu4.10"
},
{
"binary_name": "cups-bsd",
"binary_version": "2.4.1op1-1ubuntu4.10"
},
{
"binary_name": "cups-client",
"binary_version": "2.4.1op1-1ubuntu4.10"
},
{
"binary_name": "cups-common",
"binary_version": "2.4.1op1-1ubuntu4.10"
},
{
"binary_name": "cups-core-drivers",
"binary_version": "2.4.1op1-1ubuntu4.10"
},
{
"binary_name": "cups-daemon",
"binary_version": "2.4.1op1-1ubuntu4.10"
},
{
"binary_name": "cups-ipp-utils",
"binary_version": "2.4.1op1-1ubuntu4.10"
},
{
"binary_name": "cups-ppdc",
"binary_version": "2.4.1op1-1ubuntu4.10"
},
{
"binary_name": "cups-server-common",
"binary_version": "2.4.1op1-1ubuntu4.10"
},
{
"binary_name": "libcups2",
"binary_version": "2.4.1op1-1ubuntu4.10"
},
{
"binary_name": "libcupsimage2",
"binary_version": "2.4.1op1-1ubuntu4.10"
}
],
"availability": "No subscription required"
}
{
"binaries": [
{
"binary_name": "cups",
"binary_version": "2.4.7-1.2ubuntu7.2"
},
{
"binary_name": "cups-bsd",
"binary_version": "2.4.7-1.2ubuntu7.2"
},
{
"binary_name": "cups-client",
"binary_version": "2.4.7-1.2ubuntu7.2"
},
{
"binary_name": "cups-common",
"binary_version": "2.4.7-1.2ubuntu7.2"
},
{
"binary_name": "cups-core-drivers",
"binary_version": "2.4.7-1.2ubuntu7.2"
},
{
"binary_name": "cups-daemon",
"binary_version": "2.4.7-1.2ubuntu7.2"
},
{
"binary_name": "cups-ipp-utils",
"binary_version": "2.4.7-1.2ubuntu7.2"
},
{
"binary_name": "cups-ppdc",
"binary_version": "2.4.7-1.2ubuntu7.2"
},
{
"binary_name": "cups-server-common",
"binary_version": "2.4.7-1.2ubuntu7.2"
},
{
"binary_name": "libcups2t64",
"binary_version": "2.4.7-1.2ubuntu7.2"
},
{
"binary_name": "libcupsimage2t64",
"binary_version": "2.4.7-1.2ubuntu7.2"
}
],
"availability": "No subscription required"
}