EulerOS Virtualization for ARM 64 3.0.2.0 : cups (EulerOS-SA-2021-2120)

According to the versions of the cups package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access...

cups: Local privilege escalation to root due to insecure environment variable handling

It was discovered that CUPS allows non-root users to pass environment variables to CUPS backends. Affected backends use attacker-controlled environment variables without proper sanitization. A local attacker, who is part of one of the groups specified in the SystemGroups directive, could use the...

CVE-2018-4180

It was discovered that CUPS allows non-root users to pass environment variables to CUPS backends. Affected backends use attacker-controlled environment variables without proper sanitization. A local attacker, who is part of one of the groups specified in the SystemGroups directive, could use the...

cups security and bug fix update

1:1.4.2-67 - Revert change to whitelist /rss/ resources, as this was not used upstream. 1:1.4.2-66 - More STR 4461 fixes from upstream: make rss feeds world-readable, but cachedir private. - Fix icon display in web interface during server restart STR 4475. 1:1.4.2-65 - Fixes for upstream patch fo...