by frankjr 623 days ago
> Full disclosure happening at 20:00 UTC today, in a bit more than 2 hours.

> Also, to temper some concern about @evilsocket recent research... His bugs are in a thing that none of you should have installed so when it's published, please just uninstall that junk. Hopefully the response of the developer shows how badly you need to remove it.

https://x.com/evilsocket/status/1839361276813902240

https://x.com/jduck/status/1839312872817803570

1 comments

Almost certainly CUPS related.
From an eating-popcorn perspective, I would find it truly entertaining that a printer package could somehow result in a 9.9 security vulnerability that is somehow worse than Heartbleed. How many Linux systems actually have cups installed and active?
My desktop did. It wasn't publicly exposed though. Past tense - I just purged it.

I doubt many exposed servers have CUPS.

Edit: The article says he did an internet scan showing hundreds of thousands of vulnerable machines.