ID

VAR-201802-0492

CVE

CVE-2017-18190

TITLE

CUPS Vulnerabilities related to security functions

DESCRIPTION

A localhost.localdomain whitelist entry in valid_host() in scheduler/client.c in CUPS before 2.2.2 allows remote attackers to execute arbitrary IPP commands by sending POST requests to the CUPS daemon in conjunction with DNS rebinding. The localhost.localdomain name is often resolved via a DNS server (neither the OS nor the web browser is responsible for ensuring that localhost.localdomain is 127.0.0.1). CUPS Contains vulnerabilities related to security features.Information may be tampered with. The system is based on the Internet Printing Protocol (IPP) and provides most PostScript and raster printer services. This vulnerability can be used to execute arbitrary IPP commands. Description: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Bug Fix(es): * Gather image registry config (backport to 4.3) (BZ#1836815) * Builds fail after running postCommit script if OCP cluster is configured with a container registry whitelist (BZ#1849176) * Login with OpenShift not working after cluster upgrade (BZ#1852429) * Limit the size of gathered federated metrics from alerts in Insights Operator (BZ#1874018) * [4.3] Storage operator stops reconciling when going Upgradeable=False on v1alpha1 CRDs (BZ#1879110) * [release 4.3] OpenShift APIs become unavailable for more than 15 minutes after one of master nodes went down(OAuth) (BZ#1880293) You may download the oc tool and use it to inspect release image metadata as follows: (For x86_64 architecture) $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.3.40-x86_64 The image digest is sha256:9ff90174a170379e90a9ead6e0d8cf6f439004191f80762764a5ca3dbaab01dc (For s390x architecture) $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.3.40-s390x The image digest is sha256:605ddde0442e604cfe2d6bd1541ce48df5956fe626edf9cc95b1fca75d231b64 (For ppc64le architecture) $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.3.40-ppc64le The image digest is sha256:d3c9e391c145338eae3feb7f6a4e487dadc8139a353117d642fe686d277bcccc 3. Solution: For OpenShift Container Platform 4.3 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update: https://docs.openshift.com/container-platform/4.3/release_notes/ocp-4-3-rel ease-notes.html Details on how to access this content are available at https://docs.openshift.com/container-platform/4.3/updating/updating-cluster - -cli.html. Bugs fixed (https://bugzilla.redhat.com/): 1804533 - CVE-2020-9283 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic 1836815 - Gather image registry config (backport to 4.3) 1849176 - Builds fail after running postCommit script if OCP cluster is configured with a container registry whitelist 1874018 - Limit the size of gathered federated metrics from alerts in Insights Operator 1874399 - [DR] etcd-member-recover.sh fails to pull image with unauthorized 1879110 - [4.3] Storage operator stops reconciling when going Upgradeable=False on v1alpha1 CRDs 5. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: cups security and bug fix update Advisory ID: RHSA-2020:3864-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:3864 Issue date: 2020-09-29 CVE Names: CVE-2017-18190 CVE-2019-8675 CVE-2019-8696 ==================================================================== 1. Summary: An update for cups is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: The Common UNIX Printing System (CUPS) provides a portable printing layer for Linux, UNIX, and similar operating systems. Security Fix(es): * cups: DNS rebinding attacks via incorrect whitelist (CVE-2017-18190) * cups: stack-buffer-overflow in libcups's asn1_get_type function (CVE-2019-8675) * cups: stack-buffer-overflow in libcups's asn1_get_packed function (CVE-2019-8696) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing this update, the cupsd service will be restarted automatically. 5. Bugs fixed (https://bugzilla.redhat.com/): 1546395 - CVE-2017-18190 cups: DNS rebinding attacks via incorrect whitelist 1715907 - CUPS- client: cupsGetPPD3() function tries to load PPD from IPP printer and not from the CUPS queue 1738455 - CVE-2019-8675 cups: stack-buffer-overflow in libcups's asn1_get_type function 1738497 - CVE-2019-8696 cups: stack-buffer-overflow in libcups's asn1_get_packed function 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: cups-1.6.3-51.el7.src.rpm noarch: cups-filesystem-1.6.3-51.el7.noarch.rpm x86_64: cups-1.6.3-51.el7.x86_64.rpm cups-client-1.6.3-51.el7.x86_64.rpm cups-debuginfo-1.6.3-51.el7.i686.rpm cups-debuginfo-1.6.3-51.el7.x86_64.rpm cups-libs-1.6.3-51.el7.i686.rpm cups-libs-1.6.3-51.el7.x86_64.rpm cups-lpd-1.6.3-51.el7.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: cups-debuginfo-1.6.3-51.el7.i686.rpm cups-debuginfo-1.6.3-51.el7.x86_64.rpm cups-devel-1.6.3-51.el7.i686.rpm cups-devel-1.6.3-51.el7.x86_64.rpm cups-ipptool-1.6.3-51.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: cups-1.6.3-51.el7.src.rpm noarch: cups-filesystem-1.6.3-51.el7.noarch.rpm x86_64: cups-1.6.3-51.el7.x86_64.rpm cups-client-1.6.3-51.el7.x86_64.rpm cups-debuginfo-1.6.3-51.el7.i686.rpm cups-debuginfo-1.6.3-51.el7.x86_64.rpm cups-libs-1.6.3-51.el7.i686.rpm cups-libs-1.6.3-51.el7.x86_64.rpm cups-lpd-1.6.3-51.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: cups-debuginfo-1.6.3-51.el7.i686.rpm cups-debuginfo-1.6.3-51.el7.x86_64.rpm cups-devel-1.6.3-51.el7.i686.rpm cups-devel-1.6.3-51.el7.x86_64.rpm cups-ipptool-1.6.3-51.el7.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: cups-1.6.3-51.el7.src.rpm noarch: cups-filesystem-1.6.3-51.el7.noarch.rpm ppc64: cups-1.6.3-51.el7.ppc64.rpm cups-client-1.6.3-51.el7.ppc64.rpm cups-debuginfo-1.6.3-51.el7.ppc.rpm cups-debuginfo-1.6.3-51.el7.ppc64.rpm cups-devel-1.6.3-51.el7.ppc.rpm cups-devel-1.6.3-51.el7.ppc64.rpm cups-libs-1.6.3-51.el7.ppc.rpm cups-libs-1.6.3-51.el7.ppc64.rpm cups-lpd-1.6.3-51.el7.ppc64.rpm ppc64le: cups-1.6.3-51.el7.ppc64le.rpm cups-client-1.6.3-51.el7.ppc64le.rpm cups-debuginfo-1.6.3-51.el7.ppc64le.rpm cups-devel-1.6.3-51.el7.ppc64le.rpm cups-libs-1.6.3-51.el7.ppc64le.rpm cups-lpd-1.6.3-51.el7.ppc64le.rpm s390x: cups-1.6.3-51.el7.s390x.rpm cups-client-1.6.3-51.el7.s390x.rpm cups-debuginfo-1.6.3-51.el7.s390.rpm cups-debuginfo-1.6.3-51.el7.s390x.rpm cups-devel-1.6.3-51.el7.s390.rpm cups-devel-1.6.3-51.el7.s390x.rpm cups-libs-1.6.3-51.el7.s390.rpm cups-libs-1.6.3-51.el7.s390x.rpm cups-lpd-1.6.3-51.el7.s390x.rpm x86_64: cups-1.6.3-51.el7.x86_64.rpm cups-client-1.6.3-51.el7.x86_64.rpm cups-debuginfo-1.6.3-51.el7.i686.rpm cups-debuginfo-1.6.3-51.el7.x86_64.rpm cups-devel-1.6.3-51.el7.i686.rpm cups-devel-1.6.3-51.el7.x86_64.rpm cups-libs-1.6.3-51.el7.i686.rpm cups-libs-1.6.3-51.el7.x86_64.rpm cups-lpd-1.6.3-51.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: cups-debuginfo-1.6.3-51.el7.ppc64.rpm cups-ipptool-1.6.3-51.el7.ppc64.rpm ppc64le: cups-debuginfo-1.6.3-51.el7.ppc64le.rpm cups-ipptool-1.6.3-51.el7.ppc64le.rpm s390x: cups-debuginfo-1.6.3-51.el7.s390x.rpm cups-ipptool-1.6.3-51.el7.s390x.rpm x86_64: cups-debuginfo-1.6.3-51.el7.x86_64.rpm cups-ipptool-1.6.3-51.el7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: cups-1.6.3-51.el7.src.rpm noarch: cups-filesystem-1.6.3-51.el7.noarch.rpm x86_64: cups-1.6.3-51.el7.x86_64.rpm cups-client-1.6.3-51.el7.x86_64.rpm cups-debuginfo-1.6.3-51.el7.i686.rpm cups-debuginfo-1.6.3-51.el7.x86_64.rpm cups-devel-1.6.3-51.el7.i686.rpm cups-devel-1.6.3-51.el7.x86_64.rpm cups-libs-1.6.3-51.el7.i686.rpm cups-libs-1.6.3-51.el7.x86_64.rpm cups-lpd-1.6.3-51.el7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: cups-debuginfo-1.6.3-51.el7.x86_64.rpm cups-ipptool-1.6.3-51.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2017-18190 https://access.redhat.com/security/cve/CVE-2019-8675 https://access.redhat.com/security/cve/CVE-2019-8696 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBX3OfSNzjgjWX9erEAQip1g//fGQ6FQsoJ/QpnHB9KiGT507Wl0HwxQYz FaaarvC/P+E78cXLDikMs/eIY9dIXeyOZyPja/u4sNSwl/ZwPxqrm7ikV0va3UrE +NciXotVICT59ONqmFwNoBsAkxHG84hDxuhRKe8MDgJQWrOruXsbzxzznQam6s4v etRS7p8TPKDyYCGqQui8WRvFWQtVbtFHGR7Gnz5AMkTFanUqU9dxQu070UbUtkNl 6TpB++/AU9X48a/RkLlt7rgtEAT0eG0VJkPUxhollegIWxTq6ICuKwLcnH7jnphD nY5DEUE7NdP8rPkw9XKnKSlkIR68M3SMDhu/cfvwfj0QzsjzERRNdOIbKiFiV3/w Ayp2r2r9XxWAUXp7Rgm6meRlmNv+lTAyTXLVo3VrtGpU6221vszaiLhlQikqExsu 9DwvLWMyabQrdv+eWCYCRYyz/oiv+j7LjB6sN83baF9nF7WBSTIeTVq3ZgMo/orX vWmaRdN0ozVtKKsVGtns7Cb9UUIpU2h903i3VNa6SJKS1TyiqvkfG7Yq+h63BDyw CB3c0K/3W/KX9GhbqVLM/q45xBPkqCCliSoeibSL+LgbgAXokIXd4Pen9C76h6g2 FsI6JQ/SQ8iPaXDyWd8P7BVANKBIL/tXknRCQSUjC7mGJA372/euzQw98+FYCUzq RML7ea/mqjI=bzrd -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ========================================================================== Ubuntu Security Notice USN-3577-1 February 21, 2018 cups vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS Summary: CUPS could be made to provide access to printers over the network. Software Description: - cups: Common UNIX Printing System(tm) Details: Jann Horn discovered that CUPS permitted HTTP requests with the Host header set to "localhost.localdomain" from the loopback interface. If a user were tricked in to opening a specially crafted website in their web browser, an attacker could potentially exploit this to obtain sensitive information or control printers, via a DNS rebinding attack. (CVE-2017-18190) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS: cups 2.1.3-4ubuntu0.4 Ubuntu 14.04 LTS: cups 1.7.2-0ubuntu1.9 In general, a standard system update will make all the necessary changes

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

THREAT TYPE

remote

TYPE

security feature problem

CONFIGURATIONS

EXPLOIT AVAILABILITY

PATCH

EXTERNAL IDS

REFERENCES

CREDITS

Red Hat

SOURCES

LAST UPDATE DATE

2024-08-14T12:33:12.366000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE