Upstream information

CVE-2014-5031 at MITRE

Description

The web interface in CUPS before 2.0 does not check that files have world-readable permissions, which allows remote attackers to obtains sensitive information via unspecified vectors.

SUSE information

SUSE Bugzilla entry: 887240 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Desktop 11 SP3
  • cups >= 1.3.9-8.46.52.2
  • cups-client >= 1.3.9-8.46.52.2
  • cups-libs >= 1.3.9-8.46.52.2
  • cups-libs-32bit >= 1.3.9-8.46.52.2
Patchnames:
sledsp3-cups
SUSE Linux Enterprise Desktop 12
  • cups >= 1.7.5-2.7
  • cups-client >= 1.7.5-2.7
  • cups-libs >= 1.7.5-2.7
  • cups-libs-32bit >= 1.7.5-2.7
Patchnames:
SUSE Linux Enterprise Desktop 12 GA cups
SUSE Linux Enterprise Desktop 12 SP1
  • cups >= 1.7.5-9.1
  • cups-client >= 1.7.5-9.1
  • cups-libs >= 1.7.5-9.1
  • cups-libs-32bit >= 1.7.5-9.1
Patchnames:
SUSE Linux Enterprise Desktop 12 SP1 GA cups
SUSE Linux Enterprise Desktop 12 SP2
  • cups >= 1.7.5-12.4
  • cups-client >= 1.7.5-12.4
  • cups-libs >= 1.7.5-12.4
  • cups-libs-32bit >= 1.7.5-12.4
Patchnames:
SUSE Linux Enterprise Desktop 12 SP2 GA cups
SUSE Linux Enterprise Desktop 12 SP3
  • cups >= 1.7.5-19.1
  • cups-client >= 1.7.5-19.1
  • cups-libs >= 1.7.5-19.1
  • cups-libs-32bit >= 1.7.5-19.1
Patchnames:
SUSE Linux Enterprise Desktop 12 SP3 GA cups
SUSE Linux Enterprise Module for Basesystem 15
  • cups >= 2.2.7-1.24
  • cups-client >= 2.2.7-1.24
  • cups-config >= 2.2.7-1.24
  • cups-devel >= 2.2.7-1.24
  • libcups2 >= 2.2.7-1.24
  • libcupscgi1 >= 2.2.7-1.24
  • libcupsimage2 >= 2.2.7-1.24
  • libcupsmime1 >= 2.2.7-1.24
  • libcupsppdc1 >= 2.2.7-1.24
Patchnames:
SUSE Linux Enterprise Module for Basesystem 15 GA cups
SUSE Linux Enterprise Module for Desktop Applications 15
  • libcups2-32bit >= 2.2.7-1.24
Patchnames:
SUSE Linux Enterprise Module for Desktop Applications 15 GA libcups2-32bit
SUSE Linux Enterprise Module for Development Tools 15
  • cups-ddk >= 2.2.7-1.24
Patchnames:
SUSE Linux Enterprise Module for Development Tools 15 GA cups-ddk
SUSE Linux Enterprise Module for Legacy Software 12
  • cups154 >= 1.5.4-2.5
  • cups154-client >= 1.5.4-2.5
  • cups154-filters >= 1.5.4-2.5
  • cups154-libs >= 1.5.4-2.5
Patchnames:
SUSE Linux Enterprise Module for Legacy Software 12 GA cups154
SUSE Linux Enterprise Server 11 SP3
  • cups >= 1.3.9-8.46.52.2
  • cups-client >= 1.3.9-8.46.52.2
  • cups-libs >= 1.3.9-8.46.52.2
  • cups-libs-32bit >= 1.3.9-8.46.52.2
  • cups-libs-x86 >= 1.3.9-8.46.52.2
Patchnames:
slessp3-cups
SUSE Linux Enterprise Server 11 SP4
  • cups >= 1.3.9-8.46.56.1
  • cups-client >= 1.3.9-8.46.56.1
  • cups-libs >= 1.3.9-8.46.56.1
  • cups-libs-32bit >= 1.3.9-8.46.56.1
  • cups-libs-x86 >= 1.3.9-8.46.56.1
Patchnames:
SUSE Linux Enterprise Server 11 SP4 GA cups
SUSE Linux Enterprise Server 12
  • cups >= 1.7.5-2.7
  • cups-client >= 1.7.5-2.7
  • cups-libs >= 1.7.5-2.7
  • cups-libs-32bit >= 1.7.5-2.7
Patchnames:
SUSE Linux Enterprise Server 12 GA cups
SUSE Linux Enterprise Server 12 SP1
  • cups >= 1.7.5-9.1
  • cups-client >= 1.7.5-9.1
  • cups-libs >= 1.7.5-9.1
  • cups-libs-32bit >= 1.7.5-9.1
Patchnames:
SUSE Linux Enterprise Server 12 SP1 GA cups
SUSE Linux Enterprise Server 12 SP2
  • cups >= 1.7.5-12.4
  • cups-client >= 1.7.5-12.4
  • cups-libs >= 1.7.5-12.4
  • cups-libs-32bit >= 1.7.5-12.4
Patchnames:
SUSE Linux Enterprise Server 12 SP2 GA cups
SUSE Linux Enterprise Server 12 SP3
  • cups >= 1.7.5-19.1
  • cups-client >= 1.7.5-19.1
  • cups-libs >= 1.7.5-19.1
  • cups-libs-32bit >= 1.7.5-19.1
Patchnames:
SUSE Linux Enterprise Server 12 SP3 GA cups
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
  • cups >= 1.7.5-12.4
  • cups-client >= 1.7.5-12.4
  • cups-libs >= 1.7.5-12.4
Patchnames:
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 GA cups
SUSE Linux Enterprise Server for SAP Applications 11 SP3
  • cups >= 1.3.9-8.46.52.2
  • cups-client >= 1.3.9-8.46.52.2
  • cups-libs >= 1.3.9-8.46.52.2
  • cups-libs-32bit >= 1.3.9-8.46.52.2
  • cups-libs-x86 >= 1.3.9-8.46.52.2
Patchnames:
slessp3-cups
SUSE Linux Enterprise Server for VMWare 11 SP3
  • cups >= 1.3.9-8.46.52.2
  • cups-client >= 1.3.9-8.46.52.2
  • cups-libs >= 1.3.9-8.46.52.2
  • cups-libs-32bit >= 1.3.9-8.46.52.2
  • cups-libs-x86 >= 1.3.9-8.46.52.2
Patchnames:
slessp3-cups
SUSE Linux Enterprise Software Development Kit 11 SP3
  • cups-devel >= 1.3.9-8.46.52.2
Patchnames:
sdksp3-cups
SUSE Linux Enterprise Software Development Kit 11 SP4
  • cups-devel >= 1.3.9-8.46.56.1
Patchnames:
SUSE Linux Enterprise Software Development Kit 11 SP4 GA cups-devel
SUSE Linux Enterprise Software Development Kit 12
  • cups-devel >= 1.7.5-2.7
Patchnames:
SUSE Linux Enterprise Software Development Kit 12 GA cups-devel
SUSE Linux Enterprise Software Development Kit 12 SP1
  • cups-devel >= 1.7.5-9.1
Patchnames:
SUSE Linux Enterprise Software Development Kit 12 SP1 GA cups-devel
SUSE Linux Enterprise Software Development Kit 12 SP2
  • cups-ddk >= 1.7.5-12.4
  • cups-devel >= 1.7.5-12.4
Patchnames:
SUSE Linux Enterprise Software Development Kit 12 SP2 GA cups-ddk
SUSE Linux Enterprise Software Development Kit 12 SP3
  • cups-ddk >= 1.7.5-19.1
  • cups-devel >= 1.7.5-19.1
Patchnames:
SUSE Linux Enterprise Software Development Kit 12 SP3 GA cups-ddk
SUSE Linux Enterprise Server 11 SP1 LTSS
  • cups >= 1.3.9-8.46.52.2
  • cups-client >= 1.3.9-8.46.52.2
  • cups-libs >= 1.3.9-8.46.52.2
Builds
SAT Patch Nr: 9560
SUSE Linux Enterprise Server 11 SP1 LTSS
  • cups >= 1.3.9-8.46.52.2
  • cups-client >= 1.3.9-8.46.52.2
  • cups-libs >= 1.3.9-8.46.52.2
  • cups-libs-32bit >= 1.3.9-8.46.52.2
Builds
SAT Patch Nr: 9560
SUSE Linux Enterprise Software Development Kit 11 SP3
  • cups-devel >= 1.3.9-8.46.52.2
Builds
SAT Patch Nr: 9561
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3 for VMware
  • cups >= 1.3.9-8.46.52.2
  • cups-client >= 1.3.9-8.46.52.2
  • cups-libs >= 1.3.9-8.46.52.2
Builds
SAT Patch Nr: 9561
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3 for VMware
  • cups >= 1.3.9-8.46.52.2
  • cups-client >= 1.3.9-8.46.52.2
  • cups-libs >= 1.3.9-8.46.52.2
  • cups-libs-32bit >= 1.3.9-8.46.52.2
Builds
SAT Patch Nr: 9561
SUSE Linux Enterprise Server 11 SP3
  • cups >= 1.3.9-8.46.52.2
  • cups-client >= 1.3.9-8.46.52.2
  • cups-libs >= 1.3.9-8.46.52.2
  • cups-libs-x86 >= 1.3.9-8.46.52.2
Builds
SAT Patch Nr: 9561
openSUSE Leap 15.0
  • cups >= 2.2.7-lp150.1.1
  • cups-client >= 2.2.7-lp150.1.1
  • cups-config >= 2.2.7-lp150.1.1
  • libcups2 >= 2.2.7-lp150.1.1
  • libcupscgi1 >= 2.2.7-lp150.1.1
  • libcupsimage2 >= 2.2.7-lp150.1.1
  • libcupsmime1 >= 2.2.7-lp150.1.1
  • libcupsppdc1 >= 2.2.7-lp150.1.1
Patchnames:
openSUSE Leap 15.0 GA cups
openSUSE Leap 42.1
  • cups >= 1.7.5-5.6
  • cups-client >= 1.7.5-5.6
  • cups-devel >= 1.7.5-5.6
  • cups-libs >= 1.7.5-5.6
  • cups-libs-32bit >= 1.7.5-5.6
Patchnames:
openSUSE Leap 42.1 GA cups
openSUSE Leap 42.2
  • cups >= 1.7.5-7.10
  • cups-client >= 1.7.5-7.10
  • cups-devel >= 1.7.5-7.10
  • cups-libs >= 1.7.5-7.10
  • cups-libs-32bit >= 1.7.5-7.10
Patchnames:
openSUSE Leap 42.2 GA cups
openSUSE Leap 42.3
  • cups >= 1.7.5-11.1
  • cups-client >= 1.7.5-11.1
  • cups-devel >= 1.7.5-11.1
  • cups-libs >= 1.7.5-11.1
  • cups-libs-32bit >= 1.7.5-11.1
Patchnames:
openSUSE Leap 42.3 GA cups
openSUSE Tumbleweed
  • cups >= 2.1.3-2.3
  • cups-client >= 2.1.3-2.3
  • cups-ddk >= 2.1.3-2.3
  • cups-devel >= 2.1.3-2.3
  • cups-devel-32bit >= 2.1.3-2.3
  • cups-libs >= 2.1.3-2.3
  • cups-libs-32bit >= 2.1.3-2.3
Patchnames:
openSUSE Tumbleweed GA cups