SUSE-SU-2018:4089-1

Опубликовано: 12 дек. 2018

Источник: suse-cvrf

Описание

Security update for cups

This update for cups fixes the following issues:

Security issue fixed:

CVE-2018-4700: Fixed extremely predictable cookie generation that is effectively breaking the CSRF protection of the CUPS web interface (bsc#1115750).

Список пакетов

SUSE Linux Enterprise Desktop 12 SP3

cups-1.7.5-20.20.1

cups-client-1.7.5-20.20.1

cups-libs-1.7.5-20.20.1

cups-libs-32bit-1.7.5-20.20.1

SUSE Linux Enterprise Desktop 12 SP4

cups-1.7.5-20.20.1

cups-client-1.7.5-20.20.1

cups-libs-1.7.5-20.20.1

cups-libs-32bit-1.7.5-20.20.1

SUSE Linux Enterprise Server 12 SP3

cups-1.7.5-20.20.1

cups-client-1.7.5-20.20.1

cups-libs-1.7.5-20.20.1

cups-libs-32bit-1.7.5-20.20.1

SUSE Linux Enterprise Server 12 SP4

cups-1.7.5-20.20.1

cups-client-1.7.5-20.20.1

cups-libs-1.7.5-20.20.1

cups-libs-32bit-1.7.5-20.20.1

SUSE Linux Enterprise Server for SAP Applications 12 SP3

cups-1.7.5-20.20.1

cups-client-1.7.5-20.20.1

cups-libs-1.7.5-20.20.1

cups-libs-32bit-1.7.5-20.20.1

SUSE Linux Enterprise Server for SAP Applications 12 SP4

cups-1.7.5-20.20.1

cups-client-1.7.5-20.20.1

cups-libs-1.7.5-20.20.1

cups-libs-32bit-1.7.5-20.20.1

SUSE Linux Enterprise Software Development Kit 12 SP3

cups-ddk-1.7.5-20.20.1

cups-devel-1.7.5-20.20.1

SUSE Linux Enterprise Software Development Kit 12 SP4

cups-ddk-1.7.5-20.20.1

cups-devel-1.7.5-20.20.1

Ссылки

https://www.suse.com/support/update/announcement/2018/suse-su-20184089-1/
Link for SUSE-SU-2018:4089-1
https://lists.suse.com/pipermail/sle-security-updates/2018-December/004958.html
E-Mail link for SUSE-SU-2018:4089-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1115750
SUSE Bug 1115750
https://www.suse.com/security/cve/CVE-2018-4700/
SUSE CVE CVE-2018-4700 page

Описание

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-4300. Reason: This candidate is a duplicate of CVE-2018-4300. Notes: All CVE users should reference CVE-2018-4300 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP3:cups-1.7.5-20.20.1

SUSE Linux Enterprise Desktop 12 SP3:cups-client-1.7.5-20.20.1

SUSE Linux Enterprise Desktop 12 SP3:cups-libs-1.7.5-20.20.1

SUSE Linux Enterprise Desktop 12 SP3:cups-libs-32bit-1.7.5-20.20.1

Ссылки

https://www.suse.com/security/cve/CVE-2018-4700.html
CVE-2018-4700
https://bugzilla.suse.com/1115750
SUSE Bug 1115750
https://bugzilla.suse.com/1131480
SUSE Bug 1131480

SUSE-SU-2018:4089-1

Описание

Список пакетов

SUSE Linux Enterprise Desktop 12 SP3

SUSE Linux Enterprise Desktop 12 SP4

SUSE Linux Enterprise Server 12 SP3

SUSE Linux Enterprise Server 12 SP4

SUSE Linux Enterprise Server for SAP Applications 12 SP3

SUSE Linux Enterprise Server for SAP Applications 12 SP4

SUSE Linux Enterprise Software Development Kit 12 SP3

SUSE Linux Enterprise Software Development Kit 12 SP4

Ссылки

Уязвимость: CVE-2018-4700

Описание

Затронутые продукты

Ссылки