From 8dab88b65bce856c77b038f56e08c4f1048a163d3440265b5263d07b3ae38ab4 Mon Sep 17 00:00:00 2001 From: Johannes Meixner Date: Thu, 28 Nov 2013 09:34:54 +0000 Subject: [PATCH 1/2] Accepting request 208731 from home:Mailaender:branches:Printing update, rpmlint fixes and packaging improvements around the .desktop files OBS-URL: https://build.opensuse.org/request/show/208731 OBS-URL: https://build.opensuse.org/package/show/Printing/hplip?expand=0&rev=85 --- hplip-3.13.10.tar.gz | 3 --- hplip-3.13.10.tar.gz.asc | 7 ------ hplip-3.13.11.tar.gz | 3 +++ hplip-3.13.11.tar.gz.asc | 7 ++++++ hplip.changes | 31 +++++++++++++++++++++++ hplip.desktop | 6 ----- hplip.spec | 54 +++++++++++++++++++++++++--------------- 7 files changed, 75 insertions(+), 36 deletions(-) delete mode 100644 hplip-3.13.10.tar.gz delete mode 100644 hplip-3.13.10.tar.gz.asc create mode 100644 hplip-3.13.11.tar.gz create mode 100644 hplip-3.13.11.tar.gz.asc delete mode 100644 hplip.desktop diff --git a/hplip-3.13.10.tar.gz b/hplip-3.13.10.tar.gz deleted file mode 100644 index 742f325..0000000 --- a/hplip-3.13.10.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:a8122cd824398ac6374154f86152e24fdf5c0100b5c1d6518e853308362e627d -size 20951136 diff --git a/hplip-3.13.10.tar.gz.asc b/hplip-3.13.10.tar.gz.asc deleted file mode 100644 index eb76891..0000000 --- a/hplip-3.13.10.tar.gz.asc +++ /dev/null @@ -1,7 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.4.11 (GNU/Linux) - -iEYEABECAAYFAlJXyTYACgkQc9dwzaWQR7lU3gCfUPYc+L4OhHfT6FyDR+p6Cc3f -nTQAoKVRl9zN6A2FEfuevhyXKvbvxS5X -=rBTR ------END PGP SIGNATURE----- diff --git a/hplip-3.13.11.tar.gz b/hplip-3.13.11.tar.gz new file mode 100644 index 0000000..28bd742 --- /dev/null +++ b/hplip-3.13.11.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:1ea0ed020ab54e08620fe6ea7c30e93dbb8be505f2e6994e7222a7be63ca3b34 +size 21104424 diff --git a/hplip-3.13.11.tar.gz.asc b/hplip-3.13.11.tar.gz.asc new file mode 100644 index 0000000..2ebf61a --- /dev/null +++ b/hplip-3.13.11.tar.gz.asc @@ -0,0 +1,7 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1.4.11 (GNU/Linux) + +iEYEABECAAYFAlJyRPYACgkQc9dwzaWQR7k5dQCgsaBp0n2Yw+U4f+idkFfxmrEk +FycAoOgf1EFe+P3pmL+yy7w+aY9INQYk +=puTl +-----END PGP SIGNATURE----- diff --git a/hplip.changes b/hplip.changes index 54b9bbe..e132a5d 100644 --- a/hplip.changes +++ b/hplip.changes @@ -1,3 +1,34 @@ +------------------------------------------------------------------- +Tue Nov 26 19:33:01 UTC 2013 - mailaender@opensuse.org + +- Version upgrade to 3.13.11: + Added Support for the Following New Printers: + HP Color LaserJet Pro MPF M176 series + HP Color LaserJet Pro MPF M176n + HP Color LaserJet Pro MPF M177 series + HP Color LaserJet Pro MPF M177fw + HP Color LaserJet Enterprise M750 Printer series + HP Color LaserJet Enterprise M750n + HP Color LaserJet Enterprise M750dn + HP Color LaserJet Enterprise M750xh + HP Color LaserJet Enterprise M855 Printer series + HP Color LaserJet Enterprise M855dn Printer + HP Color LaserJet Enterprise M855xh Printer + HP Color LaserJet Enterprise M855x+ Printer + HP Color LaserJet Enterprise flow M880 Multifunction Printer series + HP Color LaserJet Enterprise flow M880z Multifunction Printer + HP Color LaserJet Enterprise flow M880z+ Multifunction Printer + HP LaserJet Pro MFP M127 series + HP LaserJet Pro MFP M127fn + HP LaserJet Pro MFP M127fw + HP Officejet 2620 All-in-One + HP Officejet 2621 All-in-One + HP Officejet 2622 All-in-One + Added Pin Printing support for HP LaserJet m5035 MFP device +- Added a devel package +- Update the .desktop database on install/uninstall +- Use .desktop files provided by upstream + ------------------------------------------------------------------- Wed Oct 16 15:36:08 CEST 2013 - jsmeix@suse.de diff --git a/hplip.desktop b/hplip.desktop deleted file mode 100644 index be8e6e9..0000000 --- a/hplip.desktop +++ /dev/null @@ -1,6 +0,0 @@ -[Desktop Entry] -Type=Application -Name=hp-toolbox -GenericName=HP Device Manager -Exec=hp-toolbox -Icon=HPmenu diff --git a/hplip.spec b/hplip.spec index 67c6d6d..ceda112 100644 --- a/hplip.spec +++ b/hplip.spec @@ -15,6 +15,7 @@ # Please submit bugfixes or comments via http://bugs.opensuse.org/ # + Name: hplip # BuildRequires foomatic-filters to avoid /usr/lib/rpm/brp-symlink ERROR: # link target doesn't exist (neither in build root nor in installed system): @@ -58,7 +59,7 @@ Group: Hardware/Printing # where 'a' or 'b' do not mean 'alpha' or 'beta' but 'second' or 'third' release in the month # (usually bugfix releases have the suffix like 3.12.10a = first bugfix release for 3.12.10). # Official releases have a 3 digit number and release candidates have a 4 digit number: x.y.m.rc -Version: 3.13.10 +Version: 3.13.11 Release: 0 Url: http://hplipopensource.com # Source0...Source9 is for sources from HP: @@ -77,10 +78,10 @@ Source2: hplip.keyring # Patch11 fix_gcc44_glib.diff is obsolete since version 3.9.6b because it is fixed in the source. # Patch12 hplip-3.9.8-CVE-2010-4267.patch fixeed a remote buffer overflow in hpmud/pml.c which # is no longer needed because it is fixed in the upstream sources in HPLIP version 3.13.7 -# Source100... is for special Suse sources: -# Source100 is the primary source for the suse_update_desktop_file stuff. +# Source100... is for special SUSE sources: +# Source100 is obsolete as upstream provides .desktop files now # It is found automatically in $RPM_SOURCE_DIR by 'suse_update_desktop_file -i hplip': -Source100: hplip.desktop +# Source100: hplip.desktop # Source101 hp-toolbox.wrapper was a wrapper for hp-toolbox which is no longer needed # see https://bugzilla.novell.com/show_bug.cgi?id=755820 # Source102 is a small man page for /usr/bin/hpijs: @@ -314,6 +315,16 @@ This sub-package includes only what is needed for plain scanning with the scan drivers in HPLIP for standard HP all-in-one printers. +%package devel +Summary: Development files for hplip +Group: Development/Languages/C and C++ +Requires: %{name}-hpijs = %{version}-%{release} +Requires: %{name}-sane = %{version}-%{release} + +%description devel +This sub-package is only required by developers. + + %prep # first thing is to verify the GPG signed tarball, starting with openSUSE 12.3. %if 0%{?suse_version} > 1220 @@ -486,18 +497,8 @@ popd # /usr/lib/cups/filter/foomatic-rip-hplip # which points to foomatic-rip is installed: ln -s ../../../bin/foomatic-rip %{buildroot}/usr/lib/cups/filter/foomatic-rip-hplip -# Begin "Desktop menue entry stuff": -# Install /usr/share/hplip/data/images/64x64/hp_logo.png as desktop icon file -# because it is used in the hplip.desktop.in and hplip-systray.desktop.in sources: -install -D -m 644 %{buildroot}%{_datadir}/hplip/data/images/32x32/hp_logo.png %{buildroot}%{_datadir}/icons/hicolor/32x32/apps/HPmenu.png -install -D -m 644 %{buildroot}%{_datadir}/hplip/data/images/64x64/hp_logo.png %%{buildroot}%{_datadir}/icons/hicolor/64x64/apps/HPmenu.png -install -D -m 644 %{buildroot}%{_datadir}/hplip/data/images/128x128/hp_logo.png %{buildroot}%{_datadir}/icons/hicolor/128x128/apps/HPmenu.png -install -D -m 644 %{buildroot}%{_datadir}/hplip/data/images/256x256/hp_logo.png %{buildroot}%{_datadir}/icons/hicolor/256x256/apps/HPmenu.png -# Set up and install the desktop menue entry stuff using "Categories=System;Monitor;" -# and remove HP's hplip.desktop and hplip-systray.desktop files before because we use Source100: -# (additionally there is/was a typo in HP's install because of the trailing blank at 'applications ') -rm %{buildroot}%{_datadir}/applications/hplip*.desktop -%suse_update_desktop_file -i %{name} System HardwareSettings Printing +# Replace the invalid Desktop categories +%suse_update_desktop_file -r %{buildroot}%{_datadir}/applications/hplip.desktop System HardwareSettings # Let suse_update_desktop_file add X-SuSE-translate key to /etc/xdg/autostart/hplip-systray.desktop # so that we can update its translations with translation-only packages. %suse_update_desktop_file %{buildroot}/etc/xdg/autostart/hplip-systray.desktop @@ -517,6 +518,9 @@ install -m 644 %{SOURCE102} %{buildroot}%{_mandir}/man1/ %fdupes -s %{buildroot}/%{_datadir}/hplip/data/images %post +%if 0%{?suse_version} >= 1140 +%desktop_database_post +%endif %if 0%{?suse_version} > 1130 %icon_theme_cache_post %else @@ -551,6 +555,9 @@ find /usr/share/hplip/ -name '*.py[co]' -delete exit 0 %postun +%if 0%{?suse_version} >= 1140 +%desktop_database_postun +%endif %if 0%{?suse_version} > 1130 %icon_theme_cache_postun %else @@ -636,7 +643,6 @@ exit 0 %dir /usr/lib/cups/filter /usr/lib/cups/filter/hpcupsfax %doc %{_defaultdocdir}/%{name}/ -%{_datadir}/icons/hicolor/*/apps/HPmenu.png %{_datadir}/applications/%{name}.desktop %{_datadir}/hplip/ %exclude %{_datadir}/hplip/data/models/models.dat @@ -648,8 +654,8 @@ exit 0 %config %{_sysconfdir}/cups/pstotiff.types %{_bindir}/hpijs %doc %{_mandir}/man1/hpijs.1.gz -%{_libdir}/libhpip.* -%{_libdir}/libhpmud.* +%{_libdir}/libhpip.so.* +%{_libdir}/libhpmud.so.* %dir /usr/lib/cups %dir /usr/lib/cups/backend /usr/lib/cups/backend/hp @@ -676,6 +682,14 @@ exit 0 %files sane %defattr(-, root, root) %dir %{_libdir}/sane -%{_libdir}/sane/libsane-hpaio.* +%{_libdir}/sane/libsane-hpaio.so.* + +%files devel +%defattr(-, root, root) +%{_libdir}/libhpip.so +%{_libdir}/libhpmud.so +%{_libdir}/*.la +%{_libdir}/sane/libsane-hpaio.so +%{_libdir}/sane/*.la %changelog From 1b405163fee92376011d57801a0700d59e1af79afedb6afd4958dc47accfd08d Mon Sep 17 00:00:00 2001 From: Johannes Meixner Date: Wed, 4 Dec 2013 14:50:19 +0000 Subject: [PATCH 2/2] Accepting request 209404 from home:jsmeix:branches:Printing disabled hp-upgrade/upgrade.py for security reasons (bnc#853405) OBS-URL: https://build.opensuse.org/request/show/209404 OBS-URL: https://build.opensuse.org/package/show/Printing/hplip?expand=0&rev=86 --- disable_hp-upgrade.patch | 14 ++++++++++++++ hplip.changes | 7 +++++++ hplip.spec | 15 ++++++++++++++- 3 files changed, 35 insertions(+), 1 deletion(-) create mode 100644 disable_hp-upgrade.patch diff --git a/disable_hp-upgrade.patch b/disable_hp-upgrade.patch new file mode 100644 index 0000000..aa4ace1 --- /dev/null +++ b/disable_hp-upgrade.patch @@ -0,0 +1,14 @@ +--- upgrade.py.orig 2013-10-31 12:46:54.000000000 +0100 ++++ upgrade.py 2013-12-04 14:58:03.000000000 +0100 +@@ -134,6 +134,11 @@ except getopt.GetoptError, e: + if os.getenv("HPLIP_DEBUG"): + log.set_level('debug') + ++ ++log.error("HPLIP upgrade is disabled by openSUSE for security reasons, see https://bugzilla.novell.com/show_bug.cgi?id=853405 - if you like to upgrade HPLIP, use an openSUSE software package manager like YaST or zypper.") ++clean_exit(1) ++ ++ + for o, a in opts: + if o in ('-h', '--help'): + usage() diff --git a/hplip.changes b/hplip.changes index e132a5d..b5844cc 100644 --- a/hplip.changes +++ b/hplip.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Wed Dec 4 14:25:51 CET 2013 - jsmeix@suse.de + +- disable_hp-upgrade.patch disables hp-upgrade/upgrade.py for + security reasons (bnc#853405). To upgrade HPLIP an openSUSE + software package manager like YaST or zypper should be used. + ------------------------------------------------------------------- Tue Nov 26 19:33:01 UTC 2013 - mailaender@opensuse.org diff --git a/hplip.spec b/hplip.spec index ceda112..4ee8f57 100644 --- a/hplip.spec +++ b/hplip.spec @@ -114,6 +114,10 @@ Patch104: do_not_open_mdns_port.diff # the add_group function that would add the groups ('lp') to user which # would cause security issues see https://bugs.launchpad.net/bugs/1197416 # which is no longer needed because there is no longer that "chgrp" stuff in HPLIP version 3.13.10. +# Patch106 disable_hp-upgrade.patch disables hp-upgrade/upgrade.py for security reasons, +# see https://bugzilla.novell.com/show_bug.cgi?id=853405 +# To upgrade HPLIP an openSUSE software package manager like YaST or zypper should be used. +Patch106: disable_hp-upgrade.patch # Install into this non-root directory (required when norootforbuild is used): BuildRoot: %{_tmppath}/%{name}-%{version}-build PreReq: coreutils @@ -125,7 +129,8 @@ PreReq: /usr/bin/find # The exact matching version-release of the sub-package is available on the same # repository where the main-package is (compare the "Recommends: hplip" entry below). Requires: %{name}-hpijs = %{version}-%{release} -# Same rationale for the sane subpackage. +# Require the exact matching version-release of the sane sub-package to make sure +# to have the exact matching version of libsane-hpaio installed: Requires: %{name}-sane = %{version}-%{release} # Because foomatic-rip-hplip has CVE-2011-2697 (bnc#698451) # plus a leftover in CVE-2004-0801 (bnc#59233) @@ -318,7 +323,11 @@ with the scan drivers in HPLIP for standard HP all-in-one printers. %package devel Summary: Development files for hplip Group: Development/Languages/C and C++ +# Require the exact matching version-release of the hpijs sub-package to make sure +# to have the exact matching version of libhpip and libhpmud installed: Requires: %{name}-hpijs = %{version}-%{release} +# Require the exact matching version-release of the sane sub-package to make sure +# to have the exact matching version of libsane-hpaio installed: Requires: %{name}-sane = %{version}-%{release} %description devel @@ -338,6 +347,10 @@ This sub-package is only required by developers. # in distros.dat for SUSE distros to avoid security issues when ports in the firewall # get opened. see https://bugs.launchpad.net/bugs/426161 %patch104 -b .do_not_open_mdns_port.orig +# Patch106 disable_hp-upgrade.patch disables hp-upgrade/upgrade.py for security reasons, +# see https://bugzilla.novell.com/show_bug.cgi?id=853405 +# To upgrade HPLIP an openSUSE software package manager like YaST or zypper should be used. +%patch106 -b .disable_hp-upgrade.orig %build # If AUTOMAKE='automake --foreign' is not set, autoreconf (in fact automake)