Bug 117710

Summary:	cupsd should listen to local interface only by default
Product:	Gentoo Security	Reporter:	vltg0903
Component:	Default Configs	Assignee:	Gentoo Security <security>
Status:	RESOLVED FIXED
Severity:	normal	CC:	printing, radek
Priority:	High
Version:	unspecified
Hardware:	All
OS:	Linux
Whiteboard:	[noglsa]
Package list:		Runtime testing required:	---

Description vltg0903 2006-01-04 02:10:05 UTC

As of now, default cupsd.conf  specifies the option 'Port 631', which listens to all open interfaces. This should be replaced by 'Listen 127.0.0.1:631', which listens on the local interface only.

Comment 1 Thierry Carrez (RETIRED) gentoo-dev

2006-01-04 02:19:13 UTC

Yes, I agree, its an unsafe default value.

Comment 2 SpanKY gentoo-dev

2006-01-04 06:43:22 UTC

it used to, i wonder when that change was lost

Comment 3 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2006-03-18 05:44:37 UTC

Printing any news on this one?

Comment 4 SpanKY gentoo-dev

2006-06-14 13:43:25 UTC

looks like cups-1.2.x already does this by default

ive updated 1.1.23-r7 to also do this by defeault now

i dont think this needs a revbump ?

Comment 5 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2006-06-14 21:19:15 UTC

Closing. I don't think a revbump is needed here either as long as all new installs and upgrades are fine.

Thx Mike