Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 10 Nov 2007 11:03:35 +0100
From:      Roland Smith <rsmith@xs4all.nl>
To:        zbigniew szalbot <zbigniew@szalbot.homedns.org>
Cc:        "Aryeh M. Friedman" <aryeh.friedman@gmail.com>, freebsd-questions@freebsd.org
Subject:   Re: cups-base problem
Message-ID:  <20071110100335.GA7099@slackbox.xs4all.nl>
In-Reply-To: <4735775B.2020105@szalbot.homedns.org>
References:  <473570FC.7070002@szalbot.homedns.org> <4735766A.2020806@gmail.com> <4735775B.2020105@szalbot.homedns.org>
next in thread | previous in thread | raw e-mail | index | archive | help 

--x+6KMIRAuhnl3hBn
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Sat, Nov 10, 2007 at 10:18:19AM +0100, zbigniew szalbot wrote:
> Hello,
>=20
> Aryeh M. Friedman pisze:
>> > I am not sure I understand the message about remote execution of
>> > arbitrary code.
>> That is just saying that if the security issue is a problem for you
>> don't upgrade (i.e. go ahead if you don't care).
>>  =20
> Thanks but I think I now understand even less :)
> If a security issue is a problem, don't upgrade???

Apparently there is a bug in this port that would allow an attacker from
outside to make cupsd execute his malicious code. Therefore installation
of this port is forbidden as a precaution until a fix is available.

But if you have a firewall that rejects incomming connections or if you
have cupsd set up to deny all connections but local ones this bug
presumably cannot affect you.

> Not sure also how one could go ahead? There is no option to continue. The=
=20
> message appears and that's all. I am not given any option.

Upgrade the port once it is fixed. In the meantime block incoming
connections either in cupsd.conf or with your firewall.

Roland
--=20
R.F.Smith                                   http://www.xs4all.nl/~rsmith/
[plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated]
pgp: 1A2B 477F 9970 BA3C 2914  B7CE 1277 EFB0 C321 A725 (KeyID: C321A725)

--x+6KMIRAuhnl3hBn
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.4 (FreeBSD)

iD8DBQFHNYH3EnfvsMMhpyURAkquAJ9+luAWvrRw5Kz3M3jC9bZLZqx4dwCfbGDp
/vvyKn8zV0pZGy3CrTb5tT4=
=AK9R
-----END PGP SIGNATURE-----

--x+6KMIRAuhnl3hBn--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20071110100335.GA7099>