<![CDATA[Dev1 Galaxy Forum / Question about Debian issuing patches]]> http://dev1galaxy.org/viewtopic.php?id=6861 Mon, 30 Sep 2024 20:20:22 +0000 FluxBB <![CDATA[Re: Question about Debian issuing patches]]> http://dev1galaxy.org/viewtopic.php?pid=52459#p52459 Cups update came today.

]]> Mon, 30 Sep 2024 20:20:22 +0000 http://dev1galaxy.org/viewtopic.php?pid=52459#p52459 <![CDATA[Re: Question about Debian issuing patches]]> http://dev1galaxy.org/viewtopic.php?pid=52447#p52447 The attack starts with a rogue computer spoofing a fake network printer. The attacked host is running a CUPS server and allows the fake network printer to execute arbitrary code on the server when trying printing with the fake printer.

So, the risk is higher for publicly opened networks with cups servers running. Private networks (i.e. behind a NAT) are at risk if authorized users (or intruders) set up a rogue computer for the attack inside the network.

]]> Sun, 29 Sep 2024 10:33:07 +0000 http://dev1galaxy.org/viewtopic.php?pid=52447#p52447 <![CDATA[Re: Question about Debian issuing patches]]> http://dev1galaxy.org/viewtopic.php?pid=52445#p52445 Note that cups-browsed is only used for publishing the printers of your machine for use by other machines. It has nothing to do with how your machine connects to the printers.

You really don't need cups-browsed at all. (One might possibly be able to draw up some use case where it could be close to useful, even if still not necessary). Just purge it.

]]> Sun, 29 Sep 2024 09:23:57 +0000 http://dev1galaxy.org/viewtopic.php?pid=52445#p52445 <![CDATA[Re: Question about Debian issuing patches]]> http://dev1galaxy.org/viewtopic.php?pid=52444#p52444 (Blatantly copied from a post by @johnraff on the bunsenlabs forums)

There's a mitigation shown on Debian's security tracker: https://security-tracker.debian.org/tra … 2024-47176

For client/desktop systems: Remove 'cups' from the "BrowseRemoteProtocols" line in /etc/cups/cups-browsed.conf and restart the cups-browsed service.

This seems to be what has been done in Debian's latest cups-filters upgrade - 1.28.17-5, currently in Sid, so should arrive in Bookworm and Trixie soon:
https://bugs.debian.org/cgi-bin/bugrepo … 1082820#10

]]> Sun, 29 Sep 2024 09:12:23 +0000 http://dev1galaxy.org/viewtopic.php?pid=52444#p52444 <![CDATA[Re: Question about Debian issuing patches]]> http://dev1galaxy.org/viewtopic.php?pid=52440#p52440 Thanks for that. I guess it shouldn't be too much longer. (?)

]]> Sat, 28 Sep 2024 15:44:26 +0000 http://dev1galaxy.org/viewtopic.php?pid=52440#p52440 <![CDATA[Re: Question about Debian issuing patches]]> http://dev1galaxy.org/viewtopic.php?pid=52439#p52439 Hello. Check this:
https://security-tracker.debian.org/tra … ckage/cups

It is fixed in sid, but not fixed in testing and stable.

]]> Sat, 28 Sep 2024 15:28:46 +0000 http://dev1galaxy.org/viewtopic.php?pid=52439#p52439 <![CDATA[Question about Debian issuing patches]]> http://dev1galaxy.org/viewtopic.php?pid=52438#p52438 So a vulnerability in cups has been known for a couple of days now (link). Some distros already made a patch for it. Does Debian usually lag behind the others in vulnerability issues like this one?

]]> Sat, 28 Sep 2024 13:11:37 +0000 http://dev1galaxy.org/viewtopic.php?pid=52438#p52438