CUPS vulnerability

Started by adk20, September 28, 2024, 11:25:44 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
September 28, 2024, 11:25:44 AM
I did my homework before asking. No CUPS package to be found in OPNsense and no port 631 listening.

However, since *BSD is potentially affected, I would like to confirm that there is indeed no risk for OPNsense. Could any third-party package install CUPS?

Thank you.
September 28, 2024, 11:28:58 AM #1
You can probably install cups if you want to, but I don't see why you would.
September 28, 2024, 12:02:50 PM #2
For the packages in the OpnSense repository, Deciso will bring updates if/when that is needed.
Once you enable other repos (inlcuding the official FreeBSD ones), YMMV.

I think there are bigger potential risks than to deliberately install a package on a firewall that does not belong there, like using a package and missing vital points, such as: "When I install squid and enable it for any interface (possibly because I want to filter traffic), it is able to access any other VLAN despite firewall rules saying some VLANs are restricted."
Intel N100, 4 x I226-V, 16 GByte, 256 GByte NVME, ZTE F6005

1100 down / 440 up, Bufferbloat A+
Print
Go Up Pages1
User actions