From $URL : During the process of CUPS socket activation code refactoring in favour of systemd capability a security flaw was found in the way CUPS service honoured Listen localhost:631 cupsd.conf configuration option. The setting was recognized properly for IPv4-enabled systems, but failed to be correctly applied for IPv6-enabled systems. As a result, a remote attacker could use this flaw to obtain (unauthorized) access to the CUPS web-based administration interface. References: [1] https://bugzilla.novell.com/show_bug.cgi?id=795624
printing: Fedora's fix [1] was to drop the IP socket activation [1] http://pkgs.fedoraproject.org/cgit/cups.git/commit/cups-systemd-socket.patch?id=6ef39188975c03f6132a98c8cad20ce80b3d95d9
@systemd: please help, because I dont really know what this is about
I don't understand it either. There's a problem with IPv6, so Fedora disabled IPv4? ;f
This is not a regression in 1.6
*** Bug 526860 has been marked as a duplicate of this bug. ***
this bug report is so old now, but i still get this error with net-print/cups-2.0.0-r2 and systemd so there is a solution insight?
According to http://pkgs.fedoraproject.org/cgit/rpms/cups.git/commit/cups-systemd-socket.patch?id=cdaa46736bfa4cab81fd9fd981138fadeae5d24a this is now fixed. Fix was https://github.com/apple/cups/issues/4497
Package is now stable, but not vulnerable. Leaving original whiteboard values in place. GLSA Vote: No