| Errata ID | 46 |
|---|---|
| Date | 2018-05-16 |
| Source package | cups |
| Fixed in version | 2.2.1-8+deb9u1A~4.3.0.201803131634 |
| Description | This update addresses the following issue: * CVE-2017-18190: Prevent an issue where remote attackers could execute arbitrary IPP commands by sending POST requests to the CUPS daemon in conjunction with DNS rebinding. This was caused by a whitelisted "localhost.localdomain" entry. |
| Additional notes | |
| CVE ID | CVE-2017-18190 |
| UCS Bug number | #46625 |
