This an Ububtu specific issue: The CUPS AppArmor profile incorrectly confined the dnssd backend due to use of hard links. A local attacker could possibly use this issue to escape confinement. This flaw affects versions prior to 2.2.7-1ubuntu2.1 in Ubuntu 18.04 LTS, prior to 2.2.4-7ubuntu3.1 in Ubuntu 17.10, prior to 2.1.3-4ubuntu0.5 in Ubuntu 16.04 LTS, and prior to 1.7.2-0ubuntu1.10 in Ubuntu 14.04 LTS
Signed-off-by: Steve Sakoman <[email protected]> Signed-off-by: Richard Purdie <[email protected]> (cherry picked from commit 22e89983a8f83a369d83bc67e4f3492bc50db648) Signed-off-by: Steve Sakoman <[email protected]> --- meta/recipes-extended/cups/cups.inc | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta/recipes-extended/cups/cups.inc b/meta/recipes-extended/cups/cups.inc index c5a60bde12..9b4b2a9b13 100644 --- a/meta/recipes-extended/cups/cups.inc +++ b/meta/recipes-extended/cups/cups.inc @@ -18,6 +18,9 @@ SRC_URI = "https://github.com/apple/cups/releases/download/v${PV}/${BP}-source.t UPSTREAM_CHECK_URI = "https://github.com/apple/cups/releases"; UPSTREAM_CHECK_REGEX = "cups-(?P<pver>\d+\.\d+(\.\d+)?)-source.tar" +# This is an Ubuntu only issue. +CVE_CHECK_WHITELIST += "CVE-2018-6553" + LEAD_SONAME = "libcupsdriver.so" CLEANBROKEN = "1" -- 2.17.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#146285): https://lists.openembedded.org/g/openembedded-core/message/146285 Mute This Topic: https://lists.openembedded.org/mt/79279332/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
