Overview

File _patchinfo of Package patchinfo.7785

<patchinfo incident="7785">
  <issue tracker="bnc" id="1096408"></issue>
  <issue tracker="bnc" id="1096405"></issue>
  <issue tracker="bnc" id="1096407"></issue>
  <issue tracker="bnc" id="1096406"></issue>
  <issue tracker="cve" id="2018-4182"/>
  <issue tracker="cve" id="2018-4183"/>
  <issue tracker="cve" id="2018-4180"/>
  <issue tracker="cve" id="2018-4181"/>
  <category>security</category>
  <rating>moderate</rating>
  <packager>jsmeix</packager>
  <description>This update for cups fixes the following issues:

The following security vulnerabilities were fixed:

- Fixed a local privilege escalation to root and sandbox bypasses in the
  scheduler
- CVE-2018-4180: Fixed a local privilege escalation to root in dnssd backend
  (bsc#1096405)
- CVE-2018-4181: Limited local file reads as root via cupsd.conf include
  directive (bsc#1096406)
- CVE-2018-4182: Fixed a sandbox bypass due to insecure error handling
  (bsc#1096407)
- CVE-2018-4183: Fixed a sandbox bypass due to profile misconfiguration
  (bsc#1096408)
</description>
  <summary>Security update for cups</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places