So there are a lot of people subtweeting a vulnerability in CUPS. There doesn't seem to be much hard information. This is the clearest thing I've seen https://infosec.exchange/@wdormann/113205636224106943

I think: I don't own a printer. I will temporarily disable CUPS until Ubuntu fixes this. I check ps aux and see many processes with cupsd in the name, mostly running inside a snap. I run:

sudo snap stop cups
sudo snap disable cups

It prints success. I run ps aux again. There is still a /usr/sbin/cupsd running.

Oh. (1/2)

Pls explain to me like I am a babby mac user.

1. What would be the correct way to temporarily disable CUPS on an Ubuntu Linux system?

2. What exactly did I just do, or rather, what would be the best way to reverse it and make my system "normal"? Would rebooting fix whatever I did? If not, would running "sudo snap enable cups" and then rebooting, fix it?

3. On what timeframe should I expect Ubuntu to push to apt/"Software updater" a fix for the CUPS CVEs?

@mcc

Ubuntu's a systemd distro so it'll be

systemctl stop cups
systemctl disable cups

and then you can do a

systemctl daemon-reload

@munin @mcc

Might need also cups-browsed if Ubuntu is like Debian in this regard. (I don't have any Ubuntu system handy to check.)

To undo run "systemctl enable cups" (and cups-browsed if you disabled that).

@mkj @munin cups prints and cups-browsed does printer discovery?

@mcc I think so.

Mine's behind a couple of layers of firewall so quite frankly I have zero concerns until there are updated packages.

@munin