[tor-relays] relays and CUPS vulnerabilities

27 Sep 2024


      There are some very significant recent CVEs out for CUPS, the unix
printing system.
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=cups
It's an ideal moment to remind relay operators that a Tor node, relay or
bridge, should be a single-purpose internet server.
Running alternate internet services is a bad idea. The node should have
the minimum packages installed for the purpose of running a node. More
packages means more possible vulnerabilities.
Needless to say, a CUPS server listening on 631/tcp or 631/udp while
providing Tor access is a bad idea.
g
-- 
43C2 85B0 41B6 4AC1 0E02 2767 7092 AEB3 40B0 C804

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

[tor-relays] relays and CUPS vulnerabilities