From $URL :
During the process of CUPS socket activation code refactoring in favour of systemd capability a
security flaw was found in the way CUPS service honoured Listen localhost:631 cupsd.conf
configuration option. The setting was recognized properly for IPv4-enabled systems, but failed to
be correctly applied for IPv6-enabled systems. As a result, a remote attacker could use this flaw
to obtain (unauthorized) access to the CUPS web-based administration interface.
printing: Fedora's fix  was to drop the IP socket activation
@systemd: please help, because I dont really know what this is about
I don't understand it either. There's a problem with IPv6, so Fedora disabled IPv4? ;f
This is not a regression in 1.6
*** Bug 526860 has been marked as a duplicate of this bug. ***
this bug report is so old now, but i still get this error with
net-print/cups-2.0.0-r2 and systemd
so there is a solution insight?
According to http://pkgs.fedoraproject.org/cgit/rpms/cups.git/commit/cups-systemd-socket.patch?id=cdaa46736bfa4cab81fd9fd981138fadeae5d24a this is now fixed. Fix was https://github.com/apple/cups/issues/4497
Package is now stable, but not vulnerable. Leaving original whiteboard values in place.
GLSA Vote: No