========================================================================== Ubuntu Security Notice USN-4340-1 April 27, 2020 cups vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 - Ubuntu 19.10 - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Several security issues were fixed in CUPS. Software Description: - cups: Common UNIX Printing System(tm) Details: It was discovered that CUPS incorrectly handled certain language values. A local attacker could possibly use this issue to cause CUPS to crash, leading to a denial of service, or possibly obtain sensitive information. This issue only applied to Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 19.10. (CVE-2019-2228) Stephan Zeisberg discovered that CUPS incorrectly handled certain malformed ppd files. A local attacker could possibly use this issue to execute arbitrary code. (CVE-2020-3898) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04: cups 2.3.1-9ubuntu1.1 Ubuntu 19.10: cups 2.2.12-2ubuntu1.1 Ubuntu 18.04 LTS: cups 2.2.7-1ubuntu2.8 Ubuntu 16.04 LTS: cups 2.1.3-4ubuntu0.11 In general, a standard system update will make all the necessary changes. References: https://usn.ubuntu.com/4340-1 CVE-2019-2228, CVE-2020-3898 Package Information: https://launchpad.net/ubuntu/+source/cups/2.3.1-9ubuntu1.1 https://launchpad.net/ubuntu/+source/cups/2.2.12-2ubuntu1.1 https://launchpad.net/ubuntu/+source/cups/2.2.7-1ubuntu2.8 https://launchpad.net/ubuntu/+source/cups/2.1.3-4ubuntu0.11