Linux Vulnerability Announced, Details Kept Secret [Solved]

[siamhie]

If you don't want to waste 24 minutes of your time watching his video then head over here to read what he is reading verbatim.

Attacking UNIX Systems via CUPS, Part I

[CharlesV]

Another short read on the issue
https://www.phoronix.com/news/Linux-CVSS-9.9-Rating

[kernelkurtz]

he has in the last few years become more extremist and reactionary than he's ever been in the past

This gets said by more and more people, about more and more people.

I will just point out that there is a valid alternative explanation. Which is that people don't change all that much, but the culture has shifted dramatically to 'the center' under their feet, leaving them looking extremist for views they've always held and the actions they take as a result. I believe it happened to Mr. Snowden.

To keep things almost back on topic, I contribute this:

https://en.wikipedia.org/wiki/Alan_Cox_ ... rogrammer)

[DukeComposed]

he has in the last few years become more extremist and reactionary than he's ever been in the past

This gets said by more and more people, about more and more people.

I will just point out that there is a valid alternative explanation. Which is that people don't change all that much, but the culture has shifted dramatically to 'the center' under their feet, leaving them looking extremist for views they've always held and the actions they take as a result.

That theory asserts that the Overton window is shifting to the center. If this were true, emerging social and fiscal policies should be moderate right about now and there's ample evidence to suggest that's not the case.

In this specific situation, the BLM and antifa movements in the U. S. in 2020 hit Bryan Lund close to home, literally and figuratively, and it's some people's opinion that this spooked him enough to make him start doubling down on his political stance to the point that he is largely unable or unwilling to keep it separate from his tech reporting. This thread reminded me of the video "Linux Sucks" Sucks, which I revisited tonight.

It reminded me of Bryan Lund's original "I have a politics website and a tech website, let's keep them separate" post and how readily he ignores this directive. My point remains: what he considers journalism shouldn't be mistaken for actual journalism and people need to be very, very careful when consuming his content. He has an agenda, moreso than most.

To that end, let me amend my statement from "he has in the last few years become more extremist and reactionary than he's ever been in the past" to "he has in the last few years become more open and brazen about his extremist and reactionary opinions and conspiracy theories that he has probably always had".

[MikeR]

It looks like a patch is available, at least for Ubuntu and derivatives (Mint...): https://ubuntu.com/security/notices/USN-7043-1

[mxrd]

So to speak, for first aid it in a first step would be sufficient to completely deinstall cups and close port 631?
(i deinstalled cups for testing, in a vm and on bare metal, and on latter closed 631, and no negativ effect until now; )

[Eadwine Rose]

Still able to print in all ways?

[mxrd]

Still able to print in all ways?

sorry, of course to consider,
if one has installed a printer urgently needed of course not to do it this way, or carefully
ponder about this method

but i don't need printing this way because of the special demands of the printer type i didnt get it to work, so i print
(that seldom that i really need it ) with the parrallel installed ifjdoiawng- OS (don't want to mention it in this forum )

And, oc all imho: considering the security under this circumstances it looks for me to be worth to do it this way,
base installing of cups looks easy with synaptic, so when vulnerabilitiy-situation will alleviate it looks like
installing again is a breeze?!?

[dreamer]

The severe vulnerability 9.9/10 doesn’t impact basic printing and scanning.

The easiest solution is to uninstall the cups-browsed package. I always do this on my personal snapshots. It doesn’t affect printing or scanning. If you don’t want to uninstall the cups-browsed package you can disable the service while you wait for patches to be delivered.

Red Hat has a good write-up:
https://www.redhat.com/en/blog/red-hat- ... rabilities

[AK-47]

To be honest, I don't care about this sort of stuff on who did what and when. You use the computer, you are responsible.

Speaking as a dev, if only modern day computers and software were still that simple...