rsmith at xs4all.nl
Sat Nov 10 02:03:59 PST 2007
On Sat, Nov 10, 2007 at 10:18:19AM +0100, zbigniew szalbot wrote:
> Aryeh M. Friedman pisze:
>> > I am not sure I understand the message about remote execution of
>> > arbitrary code.
>> That is just saying that if the security issue is a problem for you
>> don't upgrade (i.e. go ahead if you don't care).
> Thanks but I think I now understand even less :)
> If a security issue is a problem, don't upgrade???
Apparently there is a bug in this port that would allow an attacker from
outside to make cupsd execute his malicious code. Therefore installation
of this port is forbidden as a precaution until a fix is available.
But if you have a firewall that rejects incomming connections or if you
have cupsd set up to deny all connections but local ones this bug
presumably cannot affect you.
> Not sure also how one could go ahead? There is no option to continue. The
> message appears and that's all. I am not given any option.
Upgrade the port once it is fixed. In the meantime block incoming
connections either in cupsd.conf or with your firewall.
[plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated]
pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20071110/8e4155cb/attachment.pgp
More information about the freebsd-questions