package cups found 530027 1.4.2-4 thanks On 23-May-2009, Ben Finney wrote: > On 23-May-2009, Ben Finney wrote: > > Could this be related to the following entry in the Debian > > changelog: > > > > ===== > > * New upstream security/bug fix release: > > - The scheduler now protects against DNS rebinding attacks. Please note > > that this could lead to some regressions. (CVE-2009-0164) > > ===== > > > > I'm completely unable to print or manage CUPS while this > > continues. That sounds like a regression to me, but there's no > > hint of how to fix it or know whether that's behind the problem.
This bug continues to occur in cups 1.4.2-4. Enabling debug logging shows the following log entries when a client attempts to connect: ===== D [06/Dec/2009:11:14:27 +1100] cupsdAcceptClient: 13 from 192.168.5.7:631 (IPv4) D [06/Dec/2009:11:14:27 +1100] cupsdReadClient: 13 GET / HTTP/1.1 D [06/Dec/2009:11:14:27 +1100] cupsdSetBusyState: Active clients and dirty files D [06/Dec/2009:11:14:27 +1100] cupsdAuthorize: No authentication data provided. E [06/Dec/2009:11:14:27 +1100] Request from "192.168.5.7" using invalid Host: field "printserver:631" D [06/Dec/2009:11:14:27 +1100] cupsdReadClient: 13 Closing because Keep-Alive disabled D [06/Dec/2009:11:14:27 +1100] cupsdCloseClient: 13 D [06/Dec/2009:11:14:27 +1100] cupsdSetBusyState: Dirty files ===== What is the plan to address this bug? I'm unable to upgrade to any version released in Squeeze so far. -- \ “People's Front To Reunite Gondwanaland: Stop the Laurasian | `\ Separatist Movement!” —wiredog, http://kuro5hin.org/ | _o__) | Ben Finney <[email protected]> -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
