TL;DR: Alleged unauthenticated RCE on "all GNU/Linux systems (plus others)"
Now would be a great time to:
- Get all your systems on orchestration
- Shut down all non-critical endpoints
- Prepare yourself to speedrun patches, potentially requiring a reboot, across your entire infrastructure
- Stock up on popcorn
This may or may not be a fix for these vulnerabilities, but if you look close, one of the systems affected is the IPv4 stack.
If you recall, Windows had a vulnerability in the IPv6 stack and everyone's kneejerk reaction was to disable IPv6 forever and ever.
I wonder how many people will have the same reaction to a bug in the IPv4 stack....
@pyrate @Suiseiseki @r000t I haven't used Alpine for servers but I've heard nothing but praise, what are you using if not systemd?
asking for science ofc
@r000t So after all this Sturm und Drang it turns out to be a CUPS vulnerability.
Which is not a small thing, per the Xweeter 300K sites on the public IPv4 net, but not a 9.9, which Heartbleed didn't reach.
(Not that your advice is bad, unless one don't like popcorn (and who doesn't??).)
@ThatWouldBeTelling
This is my post about the release
@r000t That's good and useful, and I'll note current Debian stable Bookworm hasn't had an update to CUPS since a late August point release which updated a lot of things.
@r000t Update: Debian stable bookworm updated CUPS sometime in the last 25 hours.