oss-sec mailing list archives
Re: [EXTERN] Re: [oss-security] Multiple CVEs disclosed in CUPS
From: "Schwedas, Sven" <Sven.Schwedas () manz at>
Date: Wed, 8 Apr 2026 07:34:38 +0000
On 2026-04-08 03:40, Peter Gutmann wrote:
Under Ubuntu it's installed by default and deeply embedded into things (some packages can't be removed at all, try a 'sudo apt purge libcups*' but whatever you do don't hit 'y')
libcups itself is only the client side that does not seem vulnerable to any of the issues, cupsd can be managed like any other daemon, and worst case can be firewalled off if that does not work for whatever reason.
Current thread:
- Multiple CVEs disclosed in CUPS Alan Coopersmith (Apr 07)
- Re: Multiple CVEs disclosed in CUPS Peter Gutmann (Apr 07)
- Re: [EXTERN] Re: [oss-security] Multiple CVEs disclosed in CUPS Schwedas, Sven (Apr 08)
- Re: Multiple CVEs disclosed in CUPS Peter Gutmann (Apr 07)