cups-base problem

Roland Smith rsmith at
Sat Nov 10 02:03:59 PST 2007

On Sat, Nov 10, 2007 at 10:18:19AM +0100, zbigniew szalbot wrote:
> Hello,
> Aryeh M. Friedman pisze:
>> > I am not sure I understand the message about remote execution of
>> > arbitrary code.
>> That is just saying that if the security issue is a problem for you
>> don't upgrade (i.e. go ahead if you don't care).
> Thanks but I think I now understand even less :)
> If a security issue is a problem, don't upgrade???

Apparently there is a bug in this port that would allow an attacker from
outside to make cupsd execute his malicious code. Therefore installation
of this port is forbidden as a precaution until a fix is available.

But if you have a firewall that rejects incomming connections or if you
have cupsd set up to deny all connections but local ones this bug
presumably cannot affect you.

> Not sure also how one could go ahead? There is no option to continue. The 
> message appears and that's all. I am not given any option.

Upgrade the port once it is fixed. In the meantime block incoming
connections either in cupsd.conf or with your firewall.

[plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated]
pgp: 1A2B 477F 9970 BA3C 2914  B7CE 1277 EFB0 C321 A725 (KeyID: C321A725)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url :

More information about the freebsd-questions mailing list