安全公告详情

NS-SA-2020-0102

2020-12-08 09:15:38

简介

moderate: cups/mariadb security update

严重级别

moderate

主题

An update for cups/mariadb is now available for NewStart CGSL MAIN 5.05/CGSL CORE 5.05.
NewStart Security has rated this update as having a security impact of moderate. A Common Vunlnerability Scoring System(CVSS)base score, which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.

详细描述

cups: CUPS printing system provides a portable printing layer for UNIX® operating systems. It has been developed by Apple Inc. to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line interfaces.
mariadb: MariaDB is a community developed branch of MySQL. MariaDB is a multi-user, multi-threaded SQL database server. It is a client/server implementation consisting of a server daemon (mysqld) and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs and generic MySQL files.


Security Fix(es):
cups: It was discovered that CUPS allows non-root users to pass environment variables to CUPS backends. Affected backends use attacker-controlled environment variables without proper sanitization. A local attacker, who is part of one of the groups specified in the SystemGroups directive, could use the cupsctl binary to set SetEnv and PassEnv directives and potentially controls the flow of the affected backend, resulting in some cases in arbitrary code execution with root privileges.(CVE-2018-4180)
cups: In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions.(CVE-2018-4181)
cups: The session cookie generated by the CUPS web interface was easy to guess on Linux, allowing unauthorized scripted access to the web interface when the web interface is enabled. This issue affected versions prior to v2.2.10.(CVE-2018-4300)
cups: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-4300. Reason: This candidate is a duplicate of CVE-2018-4300. Notes: All CVE users should reference CVE-2018-4300 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.(CVE-2018-4700)
cups: bugfix
mariadb: ulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Pluggable Auth). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).(CVE-2019-2737)
mariadb: ulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).(CVE-2019-2739)
mariadb: ulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: XML). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).(CVE-2019-2740)
mariadb: ulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).(CVE-2019-2805)
mariadb: ulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.18 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Client accessible data. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).(CVE-2020-2922)
mariadb: bugfix


Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
http://security.gd-linux.com/how_to_apply_patch.html
Remember the build tag is 5.05.F9B3.

影响组件

  • cups
  • mariadb

影响产品

  • CGSL MAIN 5.05
  • CGSL CORE 5.05

更新包

{"fix":[{"product":"CGSL MAIN 5.05","pkgs":[{"binary":["cups-1.6.3-43.el7.x86_64.rpm","cups-client-1.6.3-43.el7.x86_64.rpm","cups-devel-1.6.3-43.el7.x86_64.rpm","cups-ipptool-1.6.3-43.el7.x86_64.rpm","cups-libs-1.6.3-43.el7.x86_64.rpm","cups-lpd-1.6.3-43.el7.x86_64.rpm","cups-filesystem-1.6.3-43.el7.noarch.rpm","cups-debuginfo-1.6.3-43.el7.x86_64.rpm"],"source":"cups-1.6.3-43.el7.src.rpm"},{"binary":["mariadb-5.5.65-1.el7.x86_64.rpm","mariadb-libs-5.5.65-1.el7.x86_64.rpm","mariadb-bench-5.5.65-1.el7.x86_64.rpm","mariadb-debuginfo-5.5.65-1.el7.x86_64.rpm","mariadb-devel-5.5.65-1.el7.x86_64.rpm","mariadb-test-5.5.65-1.el7.x86_64.rpm","mariadb-embedded-5.5.65-1.el7.x86_64.rpm","mariadb-server-5.5.65-1.el7.x86_64.rpm","mariadb-embedded-devel-5.5.65-1.el7.x86_64.rpm"],"source":"mariadb-5.5.65-1.el7.src.rpm"}]},{"product":"CGSL CORE 5.05","pkgs":[{"binary":["cups-debuginfo-1.6.3-43.el7.x86_64.rpm","cups-1.6.3-43.el7.x86_64.rpm","cups-client-1.6.3-43.el7.x86_64.rpm","cups-filesystem-1.6.3-43.el7.noarch.rpm","cups-devel-1.6.3-43.el7.x86_64.rpm","cups-ipptool-1.6.3-43.el7.x86_64.rpm","cups-libs-1.6.3-43.el7.x86_64.rpm","cups-lpd-1.6.3-43.el7.x86_64.rpm"],"source":"cups-1.6.3-43.el7.src.rpm"},{"binary":["mariadb-embedded-devel-5.5.65-1.el7.x86_64.rpm","mariadb-5.5.65-1.el7.x86_64.rpm","mariadb-debuginfo-5.5.65-1.el7.x86_64.rpm","mariadb-bench-5.5.65-1.el7.x86_64.rpm","mariadb-devel-5.5.65-1.el7.x86_64.rpm","mariadb-embedded-5.5.65-1.el7.x86_64.rpm","mariadb-libs-5.5.65-1.el7.x86_64.rpm","mariadb-server-5.5.65-1.el7.x86_64.rpm","mariadb-test-5.5.65-1.el7.x86_64.rpm"],"source":"mariadb-5.5.65-1.el7.src.rpm"}]}]}

CVE

参考