{"schema_version": "1.7.0", "id": "RLSA-2020:4469", "modified": "2023-02-02T14:09:05.950117Z", "published": "2020-11-03T12:07:34Z", "upstream": ["CVE-2020-3898"], "summary": "Low: cups security and bug fix update", "details": "The Common UNIX Printing System (CUPS) provides a portable printing layer for Linux, UNIX, and similar operating systems.\n\nSecurity Fix(es):\n\n* cups: heap based buffer overflow in libcups's ppdFindOption() in ppd-mark.c (CVE-2020-3898)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Rocky Linux 8.3 Release Notes linked from the References section.", "severity": [{"type": "CVSS_V3", "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"}], "affected": [{"package": {"ecosystem": "Rocky Linux:8", "name": "cups", "purl": "pkg:rpm/rocky-linux/cups?distro=rocky-linux-8-4-legacy&epoch=1"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "1:2.2.6-38.el8"}], "database_specific": {"yum_repository": "BaseOS"}}]}], "references": [{"type": "ADVISORY", "url": "https://errata.rockylinux.org/RLSA-2020:4469"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1689207"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1775590"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1784884"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1809002"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1822135"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1823964"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1838449"}], "credits": [{"name": "Rocky Enterprise Software Foundation"}, {"name": "Red Hat"}]}