diff options
| author | Didier Raboud <odyx@debian.org> | 2018-07-12 18:48:48 +0200 |
|---|---|---|
| committer | Didier Raboud <odyx@debian.org> | 2018-07-11 11:29:27 +0200 |
| commit | a5048903135d42817f8288b72038445f4c6eca9f (patch) | |
| tree | c1737fabf7bc51f27273a1dcd9db38f8eba9062b | |
| parent | 42476b30f7654a1222f990c977125625598219eb (diff) | |
cups 2.2.8-5 Debian releasedebian/2.2.8-5archive/debian/2.2.8-5
| -rw-r--r-- | debian/changelog | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog index c9005beaf..51533feca 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,17 @@ +cups (2.2.8-5) unstable; urgency=high + + * CVE-2018-6553: Fix AppArmor cupsd sandbox bypass due to use of hard links + (Closes: #903605) + * All these were fixed in 2.2.8: + - CVE-2018-4180 Local Privilege Escalation to Root in dnssd Backend + (CUPS_SERVERBIN) + - CVE-2018-4181 Limited Local File Reads as Root via cupsd.conf Include + Directive + - CVE-2018-4182 cups-exec Sandbox Bypass Due to Insecure Error Handling + - CVE-2018-4183 cups-exec Sandbox Bypass Due to Profile Misconfiguration + + -- Didier Raboud <odyx@debian.org> Thu, 12 Jul 2018 18:48:48 +0200 + cups (2.2.8-4) unstable; urgency=medium * Backport upstream patches: |