From f3776fa647ce873e8f4e942402356a44128472f6862d2047013ab6eb626cbea0 Mon Sep 17 00:00:00 2001 From: Johannes Meixner Date: Fri, 12 Nov 2010 08:51:26 +0000 Subject: [PATCH] Accepting request 52897 from home:jsmeix:branches:Printing Upgrade to CUPS 1.4.5 OBS-URL: https://build.opensuse.org/request/show/52897 OBS-URL: https://build.opensuse.org/package/show/Printing/cups?expand=0&rev=207 --- cups-1.4-additional_policies.patch | 18 ++++++++++-------- cups-1.4.4-source.tar.bz2 | 3 --- cups-1.4.5-source.tar.bz2 | 3 +++ cups.changes | 19 +++++++++++++++++++ cups.spec | 7 +++---- 5 files changed, 35 insertions(+), 15 deletions(-) delete mode 100644 cups-1.4.4-source.tar.bz2 create mode 100644 cups-1.4.5-source.tar.bz2 diff --git a/cups-1.4-additional_policies.patch b/cups-1.4-additional_policies.patch index f82243c..eede2bc 100644 --- a/cups-1.4-additional_policies.patch +++ b/cups-1.4-additional_policies.patch @@ -1,17 +1,19 @@ ---- conf/cupsd.conf.in.orig 2010-01-27 11:49:09.000000000 +0100 -+++ conf/cupsd.conf.in 2010-01-27 11:55:34.000000000 +0100 -@@ -120,3 +120,23 @@ DefaultAuthType Basic +--- conf/cupsd.conf.in.orig 2010-11-12 09:04:07.000000000 +0100 ++++ conf/cupsd.conf.in 2010-11-12 09:16:14.000000000 +0100 +@@ -124,3 +124,25 @@ DefaultAuthType Basic # - # End of "$Id: cupsd.conf.in 8805 2009-08-31 16:34:06Z mike $". + # End of "$Id: cupsd.conf.in 9310 2010-09-21 22:34:57Z mike $". # + +# The policy below is added by openSUSE/Novell during build of our cups package. +# The policy 'allowallforanybody' is totally open and insecure and therefore +# it can only be used within an internal network where only trused users exist -+# and where the cupsd is not accessible at all from any external host. ++# and where the cupsd is not accessible at all from any external host, see ++# http://en.opensuse.org/SDB:CUPS_and_SANE_Firewall_settings +# Have in mind that any user who is allowed to do printer admin tasks -+# can change the print queues as he likes (e.g. send copies of confidental -+# print jobs from an internal network to any external destination). ++# can change the print queues as he likes - e.g. send copies of confidental ++# print jobs from an internal network to any external destination, see ++# http://en.opensuse.org/SDB:CUPS_in_a_Nutshell +# For documentation regarding 'Managing Operation Policies' see +# http://www.cups.org/documentation.php/doc-1.4/policies.html + @@ -20,7 +22,7 @@ + Allow from all + + -+# Explicitely set the CUPS 'default' policy to be used by default: ++# Explicitly set the CUPS 'default' policy to be used by default: +DefaultPolicy default +# End of additions by openSUSE/Novell. + diff --git a/cups-1.4.4-source.tar.bz2 b/cups-1.4.4-source.tar.bz2 deleted file mode 100644 index 6b4be43..0000000 --- a/cups-1.4.4-source.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:d25ffa35add3abeeec0eba60be2cffc89425b649c64ef3a73dfc724683a59aa3 -size 4472741 diff --git a/cups-1.4.5-source.tar.bz2 b/cups-1.4.5-source.tar.bz2 new file mode 100644 index 0000000..c1609e0 --- /dev/null +++ b/cups-1.4.5-source.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:0450d6d8e6e8af225d2a3319c848737d76473a6c7579cf97c52086d0371c0efe +size 4513924 diff --git a/cups.changes b/cups.changes index f75fcce..cb1d014 100644 --- a/cups.changes +++ b/cups.changes @@ -1,3 +1,22 @@ +------------------------------------------------------------------- +Fri Nov 12 08:47:49 CET 2010 - jsmeix@suse.de + +- Upgraded to CUPS 1.4.5 + CUPS 1.4.5 fixes several scheduler and printing bugs + as well as a reported security bug, in particular: + * Fixed a IPP parsing memory corruption bug + (CVE-2010-2941, STR #3648, Novell/Suse Bugzilla bnc#649256) + * Fixed a PPD loader bug that could crash the cupsd (STR #3680) + * The scheduler restarts jobs while shutting down (STR #3679) + * Did not initialize Kerberos in all cases (STR #3662) + * The socket backend could go into an infinite loop + with certain printers (STR #3622) + * Moving a job via the web interface failed without + asking for authentication (STR #3559) + * The web interface did not allow a user to change + the driver (STR #3537, STR #3601) + * For a complete list see the CHANGES.txt file. + ------------------------------------------------------------------- Thu Jul 15 15:03:20 CEST 2010 - jsmeix@suse.de diff --git a/cups.spec b/cups.spec index dc5d198..cf7e353 100644 --- a/cups.spec +++ b/cups.spec @@ -29,7 +29,7 @@ Url: http://www.cups.org/ License: GPLv2+ ; LGPLv2.1+ Group: Hardware/Printing Summary: The Common UNIX Printing System -Version: 1.4.4 +Version: 1.4.5 Release: 3 # Require the exact matching version-release of the cups-libs sub-package because # non-matching CUPS libraries may let CUPS software crash (e.g. segfault) @@ -52,8 +52,8 @@ Conflicts: plp lprold lprng Obsoletes: cups-SUSE-ppds-dat Provides: cups-SUSE-ppds-dat # Source0...Source9 is for sources from upstream: -# URL for Source0: http://ftp.easysw.com/pub/cups/1.4.4/cups-1.4.4-source.tar.bz2 -# MD5 sum for Source0 on http://www.cups.org/software.php 8776403ad60fea9e85eab9c04d88560d +# URL for Source0: http://ftp.easysw.com/pub/cups/1.4.5/cups-1.4.5-source.tar.bz2 +# MD5 sum for Source0 on http://www.cups.org/software.php 50729f6fc46ba54223e0eaf5009f3419 Source0: cups-%{version}-source.tar.bz2 # Patch0...Patch9 is for patches from upstream: # Source10...Source99 is for sources from Novell/openSUSE which are intended for upstream: @@ -458,7 +458,6 @@ exit 0 %doc %{_mandir}/man5/printers.conf.5.gz %doc %{_mandir}/man5/subscriptions.conf.5.gz %doc %{_mandir}/man7/backend.7.gz -%doc %{_mandir}/man7/drv.7.gz %doc %{_mandir}/man7/filter.7.gz %doc %{_mandir}/man7/notifier.7.gz %doc %{_mandir}/man8/cups-deviced.8.gz