USN-6391-2

See a problem?
Source
https://ubuntu.com/security/notices/USN-6391-2
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/USN-6391-2.json
JSON Data
https://api.osv.dev/v1/vulns/USN-6391-2
Related
Published
2023-09-21T14:09:04.761073Z
Modified
2023-09-21T14:09:04.761073Z
Summary
cups vulnerability
Details

USN-6391-1 fixed a vulnerability in CUPS. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.

Original advisory details:

It was discovered that CUPS incorrectly parsed certain Postscript objects. If a user or automated system were tricked into printing a specially crafted document, a remote attacker could use this issue to cause CUPS to crash, resulting in a denial of service, or possibly execute arbitrary code.

References

Affected packages

Ubuntu:Pro:18.04:LTS / cups

Package

Name
cups

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.7-1ubuntu2.10+esm2

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "libcups2": "2.2.7-1ubuntu2.10+esm2",
            "libcupsppdc1": "2.2.7-1ubuntu2.10+esm2",
            "cups": "2.2.7-1ubuntu2.10+esm2",
            "cups-ipp-utils": "2.2.7-1ubuntu2.10+esm2",
            "cups-client": "2.2.7-1ubuntu2.10+esm2",
            "libcupsimage2-dev": "2.2.7-1ubuntu2.10+esm2",
            "libcupsmime1": "2.2.7-1ubuntu2.10+esm2",
            "cups-common": "2.2.7-1ubuntu2.10+esm2",
            "libcupsimage2": "2.2.7-1ubuntu2.10+esm2",
            "cups-server-common": "2.2.7-1ubuntu2.10+esm2",
            "libcupscgi1": "2.2.7-1ubuntu2.10+esm2",
            "cups-core-drivers": "2.2.7-1ubuntu2.10+esm2",
            "cups-ppdc": "2.2.7-1ubuntu2.10+esm2",
            "cups-bsd": "2.2.7-1ubuntu2.10+esm2",
            "cups-daemon": "2.2.7-1ubuntu2.10+esm2",
            "libcups2-dev": "2.2.7-1ubuntu2.10+esm2"
        }
    ]
}

Ubuntu:Pro:16.04:LTS / cups

Package

Name
cups

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.1.3-4ubuntu0.11+esm4

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "libcups2": "2.1.3-4ubuntu0.11+esm4",
            "libcupsmime1-dev": "2.1.3-4ubuntu0.11+esm4",
            "libcupsppdc1": "2.1.3-4ubuntu0.11+esm4",
            "libcupscgi1-dev": "2.1.3-4ubuntu0.11+esm4",
            "cups": "2.1.3-4ubuntu0.11+esm4",
            "cups-ipp-utils": "2.1.3-4ubuntu0.11+esm4",
            "cups-client": "2.1.3-4ubuntu0.11+esm4",
            "libcupsimage2-dev": "2.1.3-4ubuntu0.11+esm4",
            "libcupsmime1": "2.1.3-4ubuntu0.11+esm4",
            "cups-common": "2.1.3-4ubuntu0.11+esm4",
            "libcupsimage2": "2.1.3-4ubuntu0.11+esm4",
            "cups-server-common": "2.1.3-4ubuntu0.11+esm4",
            "libcupscgi1": "2.1.3-4ubuntu0.11+esm4",
            "libcupsppdc1-dev": "2.1.3-4ubuntu0.11+esm4",
            "cups-core-drivers": "2.1.3-4ubuntu0.11+esm4",
            "cups-ppdc": "2.1.3-4ubuntu0.11+esm4",
            "cups-bsd": "2.1.3-4ubuntu0.11+esm4",
            "cups-daemon": "2.1.3-4ubuntu0.11+esm4",
            "libcups2-dev": "2.1.3-4ubuntu0.11+esm4"
        }
    ]
}