A flaw was found in the CUPS printing server. Insufficient randomness makes session cookies predictable, breaking CSRF protection. https://nvd.nist.gov/vuln/detail/CVE-2018-4700