Re: [PLUG] CUPS flaw

Frank via plug on 30 Sep 2024 16:15:07 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] CUPS flaw

From: Frank via plug <plug@lists.phillylinux.org>
To: plug@lists.phillylinux.org
Subject: Re: [PLUG] CUPS flaw
Date: Mon, 30 Sep 2024 19:14:58 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=frankpapa.com; s=MBO0001; t=1727738101; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=TUwA0areC4AiUynwrhjKXyqnc3a/yErG8biNbeCrp38=; b=Qs/bLb+3n/1SGTvv0oXAq8KB+uGDlPGIfYQQu7jmz1yuJPRXp/MdgY5NYrmyuRpVH79rBi X5DGqjsviX2YFsm8B+jn2Ru0nyKNuYTuDSOT1exqbryXYzfH0D6Ct44i2LompikqnjAM/7 Rcradp7ycj/lRVYEPekIy7e5J16KpnXlZzExfLkXaubkDsFXTaOIUrbWteQxM3fzGE+n9K nooPGoM4FOzK61ZF/PHp6byU38FIIvwK7nO9zm3ofzaQKTBhWRwgjBz2juxjNG/QXeN8k3 2qRJIaQDiSPljEhH/VFUMOLnOw9psvMz16vtGffdsw5HcTQy+TfDaOTWDi7PCQ==
Reply-to: junk@frankpapa.com
Sender: "plug" <plug-bounces@lists.phillylinux.org>

Found it myself... Ubuntu pushed out this fix this past Thursday. I gotit from Mint on Friday.


https://ubuntu.com/blog/cups-remote-code-execution-vulnerability-fix-available

- Frank


On 9/30/24 7:06 PM, Chad Waters via plug wrote:

Its fixed in Debian
https://security-tracker.debian.org/tracker/CVE-2024-47175

I dont understand why anyone would think its a good idea to have this listening by default *cough* avahi too *cough*..

On Monday, September 30th, 2024 at 5:53 PM, Rich Mingin \(PLUG\) via plug <plug@lists.phillylinux.org> wrote:


I am wrong, I replied before checking my news sources, Ubuntu rolled
out some updated packages yesterday (Sunday) that they claim address
the CVE. I'd expect Mint/PopOS/etc machines to get those fixes now, if
they're not middle-manning the Ubuntu repos. Everyone else, AFAIK, is
working on fixes/updates and giving advice similar to what I did this
morning (do not expose print related ports/services/etc to the
internet!)

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

References:
- [PLUG] CUPS flaw
  - From: jeffv via plug <plug@lists.phillylinux.org>
- Re: [PLUG] CUPS flaw
  - From: Frank via plug <plug@lists.phillylinux.org>
- Re: [PLUG] CUPS flaw
  - From: "Rich Mingin \(PLUG\) via plug" <plug@lists.phillylinux.org>
- Re: [PLUG] CUPS flaw
  - From: "Rich Mingin \(PLUG\) via plug" <plug@lists.phillylinux.org>
- Re: [PLUG] CUPS flaw
  - From: Chad Waters via plug <plug@lists.phillylinux.org>

Prev by Date: Re: [PLUG] CUPS flaw
Previous by thread: Re: [PLUG] CUPS flaw
Index(es):
- Date
- Thread