Updated CUPS packages has been released for Ubuntu 19.04, 18.04 LTS, and 16.04 LTS
==========================================================================CUPS Security Update for Ubuntu
Ubuntu Security Notice USN-4105-1
August 20, 2019
cups vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 19.04
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in CUPS.
Software Description:
- cups: Common UNIX Printing System(tm)
Details:
Stephan Zeisberg discovered that the CUPS SNMP backend incorrectly handled
encoded ASN.1 inputs. A remote attacker could possibly use this issue to
cause CUPS to crash by providing specially crafted network
traffic. (CVE-2019-8696, CVE-2019-8675)
It was discovered that CUPS did not properly handle client disconnection
events. A local attacker could possibly use this issue to cause a denial of
service or disclose memory from the CUPS server.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 19.04:
cups 2.2.10-4ubuntu2.1
Ubuntu 18.04 LTS:
cups 2.2.7-1ubuntu2.7
Ubuntu 16.04 LTS:
cups 2.1.3-4ubuntu0.10
In general, a standard system update will make all the necessary changes.
References:
https://usn.ubuntu.com/4105-1
CVE-2019-8675, CVE-2019-8696
Package Information:
https://launchpad.net/ubuntu/+source/cups/2.2.10-4ubuntu2.1
https://launchpad.net/ubuntu/+source/cups/2.2.7-1ubuntu2.7
https://launchpad.net/ubuntu/+source/cups/2.1.3-4ubuntu0.10
