Red Hat Product Errata RHSA-2020:1050 - Security Advisory

Issued:: 2020-03-31
Updated:: 2020-03-31

RHSA-2020:1050 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: cups security and bug fix update

Type/Severity

Security Advisory: Moderate

Topic

An update for cups is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The Common UNIX Printing System (CUPS) provides a portable printing layer for Linux, UNIX, and similar operating systems.

Security Fix(es):

cups: Local privilege escalation to root due to insecure environment variable handling (CVE-2018-4180)
cups: Manipulation of cupsd.conf by a local attacker resulting in limited reads of arbitrary files as root (CVE-2018-4181)
cups: Predictable session cookie breaks CSRF protection (CVE-2018-4700)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the cupsd service will be restarted automatically.

Affected Products

Red Hat Enterprise Linux Server 7 x86_64
Red Hat Enterprise Linux Workstation 7 x86_64
Red Hat Enterprise Linux Desktop 7 x86_64
Red Hat Enterprise Linux for IBM z Systems 7 s390x
Red Hat Enterprise Linux for Power, big endian 7 ppc64
Red Hat Enterprise Linux for Scientific Computing 7 x86_64
Red Hat Enterprise Linux for Power, little endian 7 ppc64le

Fixes

BZ - 1607282 - CVE-2018-4180 cups: Local privilege escalation to root due to insecure environment variable handling
BZ - 1607291 - CVE-2018-4181 cups: Manipulation of cupsd.conf by a local attacker resulting in limited reads of arbitrary files as root
BZ - 1649347 - CVE-2018-4700 cups: Predictable session cookie breaks CSRF protection

CVEs

References

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 7

SRPM
cups-1.6.3-43.el7.src.rpm	SHA-256: 430bed12207a13945180dea4396b2323de5e1f1afdbe593596cc506efb590904
x86_64
cups-1.6.3-43.el7.x86_64.rpm	SHA-256: 5b5463a267023ffbe55bcbb9cfffff94e46b9e41ac2a7bd75f492d9508781f0b
cups-client-1.6.3-43.el7.x86_64.rpm	SHA-256: 15446ef2f60341a358aad412d7f990e6fae8ccc1e26c8de7961e30af8b47e6ae
cups-debuginfo-1.6.3-43.el7.i686.rpm	SHA-256: e7e565cfe45f1af80c61334f335384188ecc59026b363abe99dc333bb68013c1
cups-debuginfo-1.6.3-43.el7.x86_64.rpm	SHA-256: 839c14e46fd99b59ca096b3a1c89257109085a5a067d1e8e5f615bbbc684f7a8
cups-debuginfo-1.6.3-43.el7.x86_64.rpm	SHA-256: 839c14e46fd99b59ca096b3a1c89257109085a5a067d1e8e5f615bbbc684f7a8
cups-devel-1.6.3-43.el7.i686.rpm	SHA-256: 66fe484fd821515c4de118b860c82264a7fa5325f15ba3f3485965387986af04
cups-devel-1.6.3-43.el7.x86_64.rpm	SHA-256: ac5eaea77fd491c4c31cf260aba55942f8881095e37d4689a303129e09d50fe1
cups-filesystem-1.6.3-43.el7.noarch.rpm	SHA-256: f8b7dbd86eaa547ad1792d25915aee5d1a14196eb46865d4bb295d97aa374dcb
cups-ipptool-1.6.3-43.el7.x86_64.rpm	SHA-256: 1c2f58bd0ae6248fda9cbb18fcbcb5ad56811ce4775a37646452cfaf958415ec
cups-libs-1.6.3-43.el7.i686.rpm	SHA-256: 6d072d9c71cf48ee1fc8ef88e2693ac5e930776fa57655d4bd9f72ac90c4bef8
cups-libs-1.6.3-43.el7.x86_64.rpm	SHA-256: 79b23c7d1b6edc387c30bb0e3a8083c34c1275ddcda64366d8c4ec06bbdadd4e
cups-lpd-1.6.3-43.el7.x86_64.rpm	SHA-256: de3f3380637f71826e143cf2a25160d7e22a6227c4721d397d0971aed74d234b

Red Hat Enterprise Linux Workstation 7

SRPM
cups-1.6.3-43.el7.src.rpm	SHA-256: 430bed12207a13945180dea4396b2323de5e1f1afdbe593596cc506efb590904
x86_64
cups-1.6.3-43.el7.x86_64.rpm	SHA-256: 5b5463a267023ffbe55bcbb9cfffff94e46b9e41ac2a7bd75f492d9508781f0b
cups-client-1.6.3-43.el7.x86_64.rpm	SHA-256: 15446ef2f60341a358aad412d7f990e6fae8ccc1e26c8de7961e30af8b47e6ae
cups-debuginfo-1.6.3-43.el7.i686.rpm	SHA-256: e7e565cfe45f1af80c61334f335384188ecc59026b363abe99dc333bb68013c1
cups-debuginfo-1.6.3-43.el7.x86_64.rpm	SHA-256: 839c14e46fd99b59ca096b3a1c89257109085a5a067d1e8e5f615bbbc684f7a8
cups-debuginfo-1.6.3-43.el7.x86_64.rpm	SHA-256: 839c14e46fd99b59ca096b3a1c89257109085a5a067d1e8e5f615bbbc684f7a8
cups-devel-1.6.3-43.el7.i686.rpm	SHA-256: 66fe484fd821515c4de118b860c82264a7fa5325f15ba3f3485965387986af04
cups-devel-1.6.3-43.el7.x86_64.rpm	SHA-256: ac5eaea77fd491c4c31cf260aba55942f8881095e37d4689a303129e09d50fe1
cups-filesystem-1.6.3-43.el7.noarch.rpm	SHA-256: f8b7dbd86eaa547ad1792d25915aee5d1a14196eb46865d4bb295d97aa374dcb
cups-ipptool-1.6.3-43.el7.x86_64.rpm	SHA-256: 1c2f58bd0ae6248fda9cbb18fcbcb5ad56811ce4775a37646452cfaf958415ec
cups-libs-1.6.3-43.el7.i686.rpm	SHA-256: 6d072d9c71cf48ee1fc8ef88e2693ac5e930776fa57655d4bd9f72ac90c4bef8
cups-libs-1.6.3-43.el7.x86_64.rpm	SHA-256: 79b23c7d1b6edc387c30bb0e3a8083c34c1275ddcda64366d8c4ec06bbdadd4e
cups-lpd-1.6.3-43.el7.x86_64.rpm	SHA-256: de3f3380637f71826e143cf2a25160d7e22a6227c4721d397d0971aed74d234b

Red Hat Enterprise Linux Desktop 7

SRPM
cups-1.6.3-43.el7.src.rpm	SHA-256: 430bed12207a13945180dea4396b2323de5e1f1afdbe593596cc506efb590904
x86_64
cups-1.6.3-43.el7.x86_64.rpm	SHA-256: 5b5463a267023ffbe55bcbb9cfffff94e46b9e41ac2a7bd75f492d9508781f0b
cups-client-1.6.3-43.el7.x86_64.rpm	SHA-256: 15446ef2f60341a358aad412d7f990e6fae8ccc1e26c8de7961e30af8b47e6ae
cups-debuginfo-1.6.3-43.el7.i686.rpm	SHA-256: e7e565cfe45f1af80c61334f335384188ecc59026b363abe99dc333bb68013c1
cups-debuginfo-1.6.3-43.el7.i686.rpm	SHA-256: e7e565cfe45f1af80c61334f335384188ecc59026b363abe99dc333bb68013c1
cups-debuginfo-1.6.3-43.el7.x86_64.rpm	SHA-256: 839c14e46fd99b59ca096b3a1c89257109085a5a067d1e8e5f615bbbc684f7a8
cups-debuginfo-1.6.3-43.el7.x86_64.rpm	SHA-256: 839c14e46fd99b59ca096b3a1c89257109085a5a067d1e8e5f615bbbc684f7a8
cups-devel-1.6.3-43.el7.i686.rpm	SHA-256: 66fe484fd821515c4de118b860c82264a7fa5325f15ba3f3485965387986af04
cups-devel-1.6.3-43.el7.x86_64.rpm	SHA-256: ac5eaea77fd491c4c31cf260aba55942f8881095e37d4689a303129e09d50fe1
cups-filesystem-1.6.3-43.el7.noarch.rpm	SHA-256: f8b7dbd86eaa547ad1792d25915aee5d1a14196eb46865d4bb295d97aa374dcb
cups-ipptool-1.6.3-43.el7.x86_64.rpm	SHA-256: 1c2f58bd0ae6248fda9cbb18fcbcb5ad56811ce4775a37646452cfaf958415ec
cups-libs-1.6.3-43.el7.i686.rpm	SHA-256: 6d072d9c71cf48ee1fc8ef88e2693ac5e930776fa57655d4bd9f72ac90c4bef8
cups-libs-1.6.3-43.el7.x86_64.rpm	SHA-256: 79b23c7d1b6edc387c30bb0e3a8083c34c1275ddcda64366d8c4ec06bbdadd4e
cups-lpd-1.6.3-43.el7.x86_64.rpm	SHA-256: de3f3380637f71826e143cf2a25160d7e22a6227c4721d397d0971aed74d234b

Red Hat Enterprise Linux for IBM z Systems 7

SRPM
cups-1.6.3-43.el7.src.rpm	SHA-256: 430bed12207a13945180dea4396b2323de5e1f1afdbe593596cc506efb590904
s390x
cups-1.6.3-43.el7.s390x.rpm	SHA-256: 7a61c68274c1ff997c0cdb53ff4eff3bc6c89914f15f06aa72c2d77004d069db
cups-client-1.6.3-43.el7.s390x.rpm	SHA-256: 0c06f9510c2a328473fa5a835607e49aaac6491f21d61aac540c379d40577df0
cups-debuginfo-1.6.3-43.el7.s390.rpm	SHA-256: db889b87720dbb8023cd65e51b2ee96a04e20b076e4cee0d468c34059d0058f8
cups-debuginfo-1.6.3-43.el7.s390x.rpm	SHA-256: 125638f9e07f2878ec3c4375131fa6fce6d25bfe28f68bdf5d46da2919054756
cups-debuginfo-1.6.3-43.el7.s390x.rpm	SHA-256: 125638f9e07f2878ec3c4375131fa6fce6d25bfe28f68bdf5d46da2919054756
cups-devel-1.6.3-43.el7.s390.rpm	SHA-256: 7c45a670631e1bcc34dce03d4d0dbc5555e7d39d9f157086a73f7c39d8ba5472
cups-devel-1.6.3-43.el7.s390x.rpm	SHA-256: 23eb4c922f183ed121e5c9056a4d9cb6fdc0e0aa4e4e740bd4513c5be11ef794
cups-filesystem-1.6.3-43.el7.noarch.rpm	SHA-256: f8b7dbd86eaa547ad1792d25915aee5d1a14196eb46865d4bb295d97aa374dcb
cups-ipptool-1.6.3-43.el7.s390x.rpm	SHA-256: d1c22a0d939a73bd1886959cbc562a97d06582170ebeac8dc55a1a5a3a2d27ab
cups-libs-1.6.3-43.el7.s390.rpm	SHA-256: d620d9c537423ce683986b2d541a45e1e2aded8fcca49b2fab8e1fe588bad9d5
cups-libs-1.6.3-43.el7.s390x.rpm	SHA-256: 2271dec6649b0f6d4e9f5756de2cdab9c8fb4f5ceba015f3beedcc8a0810e15d
cups-lpd-1.6.3-43.el7.s390x.rpm	SHA-256: 0ed8736a02eb71b65878c0cdc66e2813e0303abc002c6c17fac57b16798abecd

Red Hat Enterprise Linux for Power, big endian 7

SRPM
cups-1.6.3-43.el7.src.rpm	SHA-256: 430bed12207a13945180dea4396b2323de5e1f1afdbe593596cc506efb590904
ppc64
cups-1.6.3-43.el7.ppc64.rpm	SHA-256: 337d4652ca135b798b7822a48a299e90723cdb385f6f3f9713f03ed08691ba47
cups-client-1.6.3-43.el7.ppc64.rpm	SHA-256: 085eaec3c1aee02e85ae30cf54231e6b917934b0b049fa8453a44d68dd543ae8
cups-debuginfo-1.6.3-43.el7.ppc.rpm	SHA-256: 9bbe54a1e332541cb514bdc5c05a339b735deb8d234d2aa3650f759dd85f1e35
cups-debuginfo-1.6.3-43.el7.ppc64.rpm	SHA-256: 201185f4188cfd59ece8ea8ea29d3fe12fa0720502e868b82fbaa4e758fff60a
cups-debuginfo-1.6.3-43.el7.ppc64.rpm	SHA-256: 201185f4188cfd59ece8ea8ea29d3fe12fa0720502e868b82fbaa4e758fff60a
cups-devel-1.6.3-43.el7.ppc.rpm	SHA-256: 81dfd8c09e8531b29307b93fea10170f5994bb288cd3563e372fb13c15c4fbb5
cups-devel-1.6.3-43.el7.ppc64.rpm	SHA-256: 84df83ea883fdbbc95ad8ae913a1ee3f850ef0f3a2c8d4290458f0650bf6ce50
cups-filesystem-1.6.3-43.el7.noarch.rpm	SHA-256: f8b7dbd86eaa547ad1792d25915aee5d1a14196eb46865d4bb295d97aa374dcb
cups-ipptool-1.6.3-43.el7.ppc64.rpm	SHA-256: c4d4f67305b476d1ca6f603f1b97faf04acfa9a4c31e375c116b103cc6de7e3a
cups-libs-1.6.3-43.el7.ppc.rpm	SHA-256: c42a37742bc515f41bda6f1a7e23ca7384ce2e5740c3954d63be22b5620b8c5c
cups-libs-1.6.3-43.el7.ppc64.rpm	SHA-256: 2b91c72ad62402665ab2c08d3cdf411e326b753d78138114d6dbed6831e33a41
cups-lpd-1.6.3-43.el7.ppc64.rpm	SHA-256: a650c2c01165896273e7cf2d793072e6ce778dea5422773dc6e5fa6a96f7fd22

Red Hat Enterprise Linux for Scientific Computing 7

SRPM
cups-1.6.3-43.el7.src.rpm	SHA-256: 430bed12207a13945180dea4396b2323de5e1f1afdbe593596cc506efb590904
x86_64
cups-1.6.3-43.el7.x86_64.rpm	SHA-256: 5b5463a267023ffbe55bcbb9cfffff94e46b9e41ac2a7bd75f492d9508781f0b
cups-client-1.6.3-43.el7.x86_64.rpm	SHA-256: 15446ef2f60341a358aad412d7f990e6fae8ccc1e26c8de7961e30af8b47e6ae
cups-debuginfo-1.6.3-43.el7.i686.rpm	SHA-256: e7e565cfe45f1af80c61334f335384188ecc59026b363abe99dc333bb68013c1
cups-debuginfo-1.6.3-43.el7.i686.rpm	SHA-256: e7e565cfe45f1af80c61334f335384188ecc59026b363abe99dc333bb68013c1
cups-debuginfo-1.6.3-43.el7.x86_64.rpm	SHA-256: 839c14e46fd99b59ca096b3a1c89257109085a5a067d1e8e5f615bbbc684f7a8
cups-debuginfo-1.6.3-43.el7.x86_64.rpm	SHA-256: 839c14e46fd99b59ca096b3a1c89257109085a5a067d1e8e5f615bbbc684f7a8
cups-devel-1.6.3-43.el7.i686.rpm	SHA-256: 66fe484fd821515c4de118b860c82264a7fa5325f15ba3f3485965387986af04
cups-devel-1.6.3-43.el7.x86_64.rpm	SHA-256: ac5eaea77fd491c4c31cf260aba55942f8881095e37d4689a303129e09d50fe1
cups-filesystem-1.6.3-43.el7.noarch.rpm	SHA-256: f8b7dbd86eaa547ad1792d25915aee5d1a14196eb46865d4bb295d97aa374dcb
cups-ipptool-1.6.3-43.el7.x86_64.rpm	SHA-256: 1c2f58bd0ae6248fda9cbb18fcbcb5ad56811ce4775a37646452cfaf958415ec
cups-libs-1.6.3-43.el7.i686.rpm	SHA-256: 6d072d9c71cf48ee1fc8ef88e2693ac5e930776fa57655d4bd9f72ac90c4bef8
cups-libs-1.6.3-43.el7.x86_64.rpm	SHA-256: 79b23c7d1b6edc387c30bb0e3a8083c34c1275ddcda64366d8c4ec06bbdadd4e
cups-lpd-1.6.3-43.el7.x86_64.rpm	SHA-256: de3f3380637f71826e143cf2a25160d7e22a6227c4721d397d0971aed74d234b

Red Hat Enterprise Linux for Power, little endian 7

SRPM
cups-1.6.3-43.el7.src.rpm	SHA-256: 430bed12207a13945180dea4396b2323de5e1f1afdbe593596cc506efb590904
ppc64le
cups-1.6.3-43.el7.ppc64le.rpm	SHA-256: f7c141207eb369775f97af09d27222aa45aad85fb901bca179d5427234985b38
cups-client-1.6.3-43.el7.ppc64le.rpm	SHA-256: ee777fac47c3582f8d6a7e0fbd981aa80ca029f197b210ea3d7a954a870267df
cups-debuginfo-1.6.3-43.el7.ppc64le.rpm	SHA-256: 869b24f457c1a87854fd341ce24406844f64610f753f71db91cbdf3e6cfdaf4a
cups-debuginfo-1.6.3-43.el7.ppc64le.rpm	SHA-256: 869b24f457c1a87854fd341ce24406844f64610f753f71db91cbdf3e6cfdaf4a
cups-devel-1.6.3-43.el7.ppc64le.rpm	SHA-256: 0aac0e60f9a1807423b442d35f0c3af031e564920cbc0672aa2ec7070f5d28ad
cups-filesystem-1.6.3-43.el7.noarch.rpm	SHA-256: f8b7dbd86eaa547ad1792d25915aee5d1a14196eb46865d4bb295d97aa374dcb
cups-ipptool-1.6.3-43.el7.ppc64le.rpm	SHA-256: 75d149fcfcf397817cb9522b3ffd917cd39a3e079103430f5afda97073bbf9a7
cups-libs-1.6.3-43.el7.ppc64le.rpm	SHA-256: bc668c11a4ca9ebfca0d7a804c63170b28fdc4ef094c744487078bd2e9bfb3ae
cups-lpd-1.6.3-43.el7.ppc64le.rpm	SHA-256: f7fadbe106cc138905857a94aff42b6c1bcc5b1c033fe202c4406f6ea02fd856

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation

Services

Tools

Red Hat Insights

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories