OpenPrinting (CUPS) Security Flaw

Recently, A researcher by the name of evilsocker has published his research regarding a 9.9 RCE CVSS found in the CUPS (Common Unix Printing System) printing protocol in Linux.

Does that affect Oreon?

As of now, The currently active version of Oreon which is Oreon Lime (R2) is only moderately vulnerable to this, If you haven’t changed your CUPS config you should be basically fine.

Older versions of Oreon

However, If you are running Oreon Lime (R1/R1.1) or you’ve modified your CUPS config, you might need to take action to mitigate the risk, The following commands are going to do the trick :

sudo systemctl stop cups-browsed
sudo systemctl disable cups-browsed

We at Oreon care for our users’ personal privacy and security and are hardworking to ensure total security on all Oreon systems, With that being said, Upstream is willing to push patches for this in both versions of Oreon.

Stay safe.

Ali moumen, Head Manager @ Oreon Project.

1 Like