| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: cups-ddk | Distribution: openSUSE Tumbleweed |
| Version: 2.4.10 | Vendor: openSUSE |
| Release: 2.1 | Build date: Mon Jul 8 15:50:50 2024 |
| Group: Hardware/Printing | Build host: reproducible |
| Size: 287873 | Source RPM: cups-2.4.10-2.1.src.rpm |
| Packager: https://bugs.opensuse.org | |
| Url: https://openprinting.github.io/cups | |
| Summary: CUPS Driver Development Kit | |
The CUPS Driver Development Kit (DDK) provides a suite of standard drivers, a PPD file compiler, and other utilities that can be used to develop printer drivers for CUPS.
Apache-2.0
* Mon Jul 08 2024 Johannes Meixner <jsmeix@suse.com>
- Replaced avoid_C99_mode_for_loop_initial_declarations.patch
which is now the upstream fix
https://github.com/OpenPrinting/cups/commit/a2b8872ea95564e065e3a08e2aa12a15515bc993
see https://github.com/OpenPrinting/cups/issues/1000
and https://github.com/OpenPrinting/cups/pull/1004
* Tue Jul 02 2024 Johannes Meixner <jsmeix@suse.com>
- Version upgrade to 2.4.10:
See https://github.com/openprinting/cups/releases
CUPS 2.4.10 brings two fixes:
* Fixed error handling when reading a mixed 1setOf attribute.
* Fixed scheduler start if there is only domain socket
to listen on (Issue #985) which is fix for regression
after fix for CVE-2024-35235 in scenarios where is
no other listeners in cupsd.conf than domain socket
created on demand by systemd, launchd or upstart.
Issues are those at https://github.com/OpenPrinting/cups/issues
- Version upgrade to 2.4.9:
See https://github.com/openprinting/cups/releases
CUPS 2.4.9 brings security fix for CVE-2024-35235 and
several bug fixes regarding CUPS Web User Interface,
PPD generation and HTTP protocol implementation.
Detailed list (from CHANGES.md):
* Fixed domain socket handling (CVE-2024-35235)
* Fixed creating of `cupsUrfSupported` PPD keyword
(Issue #952)
* Fixed searching for destinations in web ui (Issue #954)
* Fixed TLS negotiation using OpenSSL with servers
that require the TLS SNI extension.
* Really raised `cups_enum_dests()` timeout for listing
available IPP printers (Issue #751)...
* Fixed `Host` header regression (Issue #967)
* Fixed DNS-SD lookups of local services with Avahi
(Issue #970)
* Fixed listing jobs in destinations in web ui.
(Apple issue #6204)
* Fixed showing search query in web ui help page.
(Issue #977)
Issues are those at https://github.com/OpenPrinting/cups/issues
Apple issues are those at https://github.com/apple/cups/issues
- Adapted downgrade-autoconf-requirement.patch for CUPS 2.4.10
- Removed cups-2.4.8-CVE-2024-35235.patch : fixed upstream
see the above CUPS 2.4.9 changes
- avoid_C99_mode_for_loop_initial_declarations.patch avoids error
"'for' loop initial declarations are only allowed in C99 mode"
that happens when building for SLE12
in scheduler/client.c at "for (char *start = ..." since
https://github.com/OpenPrinting/cups/commit/a7eda84da73126e40400e05dd27d57f8c92d5b0d
see https://github.com/OpenPrinting/cups/issues/1000
* Tue Jun 11 2024 Johannes Meixner <jsmeix@suse.com>
- cups-2.4.8-CVE-2024-35235.patch is derived
from the upstream patch against master (CUPS 2.5)
to apply to CUPS 2.4.8 in openSUSE Factory to fix CVE-2024-35235
"cupsd Listen port arbitrary chmod 0140777"
https://github.com/OpenPrinting/cups/security/advisories/GHSA-vvwp-mv6j-hw6f
bsc#1225365
* Wed May 29 2024 Dominique Leuenberger <dimstar@opensuse.org>
- Update to version 2.4.8:
See https://github.com/openprinting/cups/releases
CUPS 2.4.8 brings many bug fixes which aggregated over the last
half a year. It brings the important fix for race conditions
and errors which can happen when installing permanent
IPP Everywhere printer, support for PAM modules password-auth
and system-auth and new option for lpstat which can show only
the successful jobs.
Detailed list (from CHANGES.md):
* Added warning if the device has to be asked for
'all,media-col-database' separately (Issue #829)
* Added new value for 'lpstat' option '-W' - successfull - for
getting successfully printed jobs (Issue #830)
* Added support for PAM modules password-auth
and system-auth (Issue #892)
* Updated IPP Everywhere printer creation error
reporting (Issue #347)
* Updated and documented the MIME typing buffering
limit (Issue #925)
* Raised 'cups_enum_dests()' timeout for listing
available IPP printers (Issue #751)
* Now report an error for temporary printer defaults
with lpadmin (Issue #237)
* Fixed mapping of PPD InputSlot, MediaType,
and OutputBin values (Issue #238)
* Fixed "document-unprintable-error" handling (Issue #391)
* Fixed the web interface not showing an error
for a non-existent printer (Issue #423)
* Fixed printing of jobs with job name longer than 255 chars
on older printers (Issue #644)
* Really backported fix for Issue #742
* Fixed 'cupsCopyDestInfo' device connection
detection (Issue #586)
* Fixed "Upgrade" header handling when there is
no TLS support (Issue #775)
* Fixed memory leak when unloading a job (Issue #813)
* Fixed memory leak when creating color profiles (Issue #815)
* Fixed a punch finishing bug in the IPP Everywhere
support (Issue #821)
* Fixed crash in 'scan_ps()' if incoming argument
is NULL (Issue #831)
* Fixed setting job state reasons for successful
jobs (Issue #832)
* Fixed infinite loop in IPP backend if hostname
is IP address with Kerberos (Issue #838)
* Added additional check on socket if 'revents' from 'poll()'
returns POLLHUP together with POLLIN or POLLOUT
in 'httpAddrConnect2()' (Issue #839)
* Fixed crash in 'ppdEmitString()' if 'size' is NULL (Issue #850)
* Fixed reporting 'media-source-supported' when
sharing printer which has numbers as strings instead of
keywords as 'InputSlot' values (Issue #859)
* Fixed IPP backend to support the "print-scaling" option
with IPP printers (Issue #862)
* Fixed potential race condition for the creation
of temporary queues (Issue #871)
* Fixed 'httpGets' timeout handling (Issue #879)
* Fixed checking for required attributes during
PPD generation (Issue #890)
* Fixed encoding of IPv6 addresses in HTTP requests (Issue #903)
* Fixed sending response headers to client (Issue #927)
* Fixed CGI program initialization and validation
of form checkbox and text fields.
Issues are those at https://github.com/OpenPrinting/cups/issues
- Adapted downgrade-autoconf-requirement.patch for CUPS 2.4.8
* Mon Feb 26 2024 Dominique Leuenberger <dimstar@opensuse.org>
- Use %patch -P N instead of deprecated %patchN.
* Fri Feb 02 2024 Johannes Meixner <jsmeix@suse.com>
- Removed outdated ntadmin stuff from cups.spec (boo#1219503)
* Wed Jan 24 2024 Johannes Meixner <jsmeix@suse.com>
- Version upgrade to 2.4.7:
See https://github.com/openprinting/cups/releases
CUPS 2.4.7 is released to ship the fix for CVE-2023-4504
and several other changes, among them it is
adding OpenSSL support for cupsHashData function and bug fixes.
Detailed list:
* CVE-2023-4504 - Fixed Heap-based buffer overflow when
reading Postscript in PPD files
* Added OpenSSL support for cupsHashData (Issue #762)
* Fixed delays in lpd backend (Issue #741)
* Fixed extensive logging in scheduler (Issue #604)
* Fixed hanging of lpstat on IBM AIX (Issue #773)
* Fixed hanging of lpstat on Solaris (Issue #156)
* Fixed printing to stderr if we can't open cups-files.conf
(Issue #777)
* Fixed purging job files via cancel -x (Issue #742)
* Fixed RFC 1179 port reserving behavior in LPD backend
(Issue #743)
* Fixed a bug in the PPD command interpretation code
(Issue #768)
Issues are those at https://github.com/OpenPrinting/cups/issues
- Version upgrade to 2.4.6:
See https://github.com/openprinting/cups/releases
CUPS 2.4.6 is released to ship the fix for CVE-2023-34241
and two other bug fixes.
Detailed list:
* Fix linking error on old MacOS (Issue #715)
* Fix printing multiple files on specific printers (Issue #643)
* Fix use-after-free when logging warnings in case of failures
in cupsdAcceptClient() (fixes CVE-2023-34241)
Issues are those at https://github.com/OpenPrinting/cups/issues
- Version upgrade to 2.4.5:
See https://github.com/openprinting/cups/releases
CUPS 2.4.5 is a hotfix release for a bug which corrupted
locally saved certificates, which broke secured printing
via TLS after the first print job.
- Version upgrade to 2.4.4:
See https://github.com/openprinting/cups/releases
CUPS 2.4.4 release is created as a hotfix for segfault
in cupsGetNamedDest(), when caller tries to find
the default destination and the default destination
is not set on the machine.
- Version upgrade to 2.4.3:
See https://github.com/openprinting/cups/releases
CUPS 2.4.3 brings fix for CVE-2023-32324, several improvements
and many bug fixes. CUPS now implements fallback for printers
with broken firmware, which is not capable of answering
to IPP request get-printer-attributes with all,
media-col-database - this enables driverless support for
bunch of printers which don't follow IPP Everywhere standard.
Aside from the CVE fix the most important fixes are around color
settings, printer application support fixes and OpenSSL support.
Detailed list of changes:
* Added a title with device uri for found network printers
(Issues #402, #393)
* Added new media sizes defined by IANA (Issues #501)
* Added quirk for GoDEX label printers (Issue #440)
* Fixed --enable-libtool-unsupported (Issue #394)
* Fixed configuration on RISC-V machines (Issue #404)
* Fixed the device_uri invalid pointer for driverless printers
with .local hostname (Issue #419)
* Fixed an OpenSSL crash bug (Issue #409)
* Fixed a potential SNMP OID value overflow issue (Issue #431)
* Fixed an OpenSSL certificate loading issue (Issue #465)
* Fixed Brazilian Portuguese translations (Issue #288)
* Fixed cupsd default keychain location when building
with OpenSSL (Issue #529)
* Fixed default color settings for CMYK printers as well
(Issue #500)
* Fixed duplicate PPD2IPP media-type names (Issue #688)
* Fixed possible heap buffer overflow in _cups_strlcpy()
(fixes CVE-2023-32324)
* Fixed InputSlot heuristic for photo sizes smaller than 5x7"
if there is no media-source in the request (Issue #569)
* Fixed invalid memory access during generating IPP Everywhere
queue (Issue #466)
* Fixed lprm if no destination is provided (Issue #457)
* Fixed memory leaks in create_local_bg_thread() (Issue #466)
* Fixed media size tolerance in ippeveprinter (Issue #487)
* Fixed passing command name without path into ippeveprinter
(Issue #629)
* Fixed saving strings file path in printers.conf (Issue #710)
* Fixed TLS certificate generation bugs (Issue #652)
* ippDeleteValues would not delete the last value (Issue #556)
* Ignore some of IPP defaults if the application sends
its PPD alternative (Issue #484)
* Make Letter the default size in ippevepcl (Issue #543)
* Now accessing Admin page in Web UI requires authentication
(Issue #518)
* Now look for default printer on network if needed (Issue #452)
* Now we poll media-col-database separately if we fail at first
(Issue #599)
* Now report fax attributes and values as needed (Issue #459)
* Now localize HTTP responses using the Content-Language value
(Issue #426)
* Raised file size limit for importing PPD via Web UI
(Issue #433)
* Raised maximum listen backlog size to INT MAX (Issue #626)
* Update print-color-mode if the printer is modified
via ColorModel PPD option (Issue #451)
* Use localhost when printing via printer application
(Issue #353)
* Write defaults into /etc/cups/lpoptions if we're root
(Issue #456)
Issues are those at https://github.com/OpenPrinting/cups/issues
- Adapted downgrade-autoconf-requirement.patch for CUPS 2.4.7
- Removed cups-2.4.2-CVE-2023-4504.patch : fixed upstream
see the above CUPS 2.4.7 changes
- Removed cups-2.4.2-CVE-2023-32360.patch : fixed upstream via
https://github.com/OpenPrinting/cups/commit/a0c8b9c9556882f00c68b9727a95a1b6d1452913
- Removed cups-2.4.2-CVE-2023-34241.patch : fixed upstream
see the above CUPS 2.4.6 changes
- Removed cups-2.4.2-CVE-2023-32324.patch : fixed upstream
see the above CUPS 2.4.3 changes
* Wed Sep 20 2023 Johannes Meixner <jsmeix@suse.com>
- cups-2.4.2-CVE-2023-4504.patch fixes CVE-2023-4504
"CUPS PostScript Parsing Heap Overflow"
https://github.com/OpenPrinting/cups/security/advisories/GHSA-pf5r-86w9-678h
bsc#1215204
* Wed Sep 20 2023 Johannes Meixner <jsmeix@suse.com>
- cups-2.4.2-CVE-2023-32360.patch fixes CVE-2023-32360
"Information leak through Cups-Get-Document operation"
by requiring authentication for CUPS-Get-Document in cupsd.conf
https://github.com/OpenPrinting/cups/commit/a0c8b9c9556882f00c68b9727a95a1b6d1452913
https://github.com/OpenPrinting/cups/security/advisories/GHSA-7pv4-hx8c-gr4g
bsc#1214254
- cups-2.4.2-additional_policies.patch is an updated version
of cups-2.0.3-additional_policies.patch that replaces it
to add the 'allowallforanybody' policy to cupsd.conf
after cups-2.4.2-CVE-2023-32360.patch was applied
* Thu Jun 22 2023 Johannes Meixner <jsmeix@suse.com>
- cups-2.4.2-CVE-2023-34241.patch fixes CVE-2023-34241
"use-after-free in cupsdAcceptClient()"
https://github.com/OpenPrinting/cups/security/advisories/GHSA-qjgh-5hcq-5f25
bsc#1212230
* Thu Jun 01 2023 Johannes Meixner <jsmeix@suse.com>
- cups-2.4.2-CVE-2023-32324.patch fixes CVE-2023-32324
"Heap buffer overflow in cupsd"
https://github.com/OpenPrinting/cups/security/advisories/GHSA-cxc6-w2g7-69p7
bsc#1211643
* Mon Dec 12 2022 Callum Farmer <gmbr3@opensuse.org>
- Use %_pam_vendordir
* Sat Dec 10 2022 Callum Farmer <gmbr3@opensuse.org>
- Remove invalid %config directive on %_distconfdir/pam.d/cups
* Fri Dec 09 2022 Stefan Schubert <schubi@suse.com>
- Migration PAM settings to /usr/etc: Fixed posttrans.
Should only be used for TW.
* Thu Dec 08 2022 Stefan Schubert <schubi@suse.com>
- Migration PAM settings to /usr/etc: Saving user changed
configuration files in /etc and restoring them while an RPM
update.
* Sat Jul 09 2022 Callum Farmer <gmbr3@opensuse.org>
- Move the dbus-1 system.d file to /usr (bsc#1201346)
* Mon May 30 2022 jsmeix@suse.de
- Version upgrade to 2.4.2:
See https://github.com/openprinting/cups/releases
CUPS 2.4.2 brings the fix for CVE-2022-26691 (#bsc1199474)
together with LibreSSL/OpenSSL and minimal AIX support.
* Fixed certificate strings comparison
for Local authorization (CVE-2022-26691)
* The `cupsFileOpen` function no longer opens files
for append in read-write mode (Issue #291)
* The cupsd daemon removed processing temporary
queue (Issue #364)
* Fixed delay in IPP backend if GNUTLS is used and endpoint
doesn't confirm closing the connection (Issue #365)
* Fixed conditional jump based on uninitialized value
in cups/ppd.c (Issue #329)
* Fixed CSS related issues in CUPS Web UI (Issue #344)
* Fixed copyright in CUPS Web UI trailer template (Issue #346)
* mDNS hostname in device uri is not resolved when installaling
a permanent IPP Everywhere queue (Issues #340, #343)
* The `lpstat` command now reports when the scheduler
is not running (Issue #352)
* Updated the man pages concerning the `-h` option (Issue #357)
* Re-added LibreSSL/OpenSSL support (Issue #362)
* Updated the Solaris smf service file (Issue #368)
* Fixed a regression in lpoptions option support (Issue #370)
* The scheduler now regenerates the PPD cache information after
changing the "cupsd.conf" file (Issue #371)
* Updated the scheduler to set "auth-info-required"
to "username,password" if a backend reports it needs
authentication info but doesn't set a method
for authentication (Issue #373)
* Updated the configure script to look for the OpenSSL library
the old way if pkg-config is not available (Issue #375)
* Fixed the prototype for the `httpWriteResponse`
function (Issue #380)
* Brought back minimal AIX support (Issue #389)
* `cupsGetResponse` did not always set the last error.
* Fixed a number of old references to the Apple CUPS web page.
* Restored the default/generic printer icon file
for the web interface.
* Removed old stylesheet classes that are no longer used
by the web interface.
- Adapted downgrade-autoconf-requirement.patch for CUPS 2.4.2
* Mon Apr 04 2022 jsmeix@suse.de
- Have cups.pc in %{_libdir} to avoid a conflict
that cups-devel and cups-devel-32bit would
both contain /usr/lib/pkgconfig/cups.pc because
when cups.pc is arch dependent it has to be in %{_libdir}
which it is because it contains 'libdir=/usr/lib64' on x86_64
(if it was arch independent it would have to be in %{_datadir})
cf. https://build.opensuse.org/request/show/965680
* Fri Mar 04 2022 jsmeix@suse.de
- Improved comments in spec file and in changes file
- Have cups.keyring in ASCII armored format
- Do not error out when 'make test' fails in the 'check' section
because https://github.com/OpenPrinting/cups/issues/155
is not yet actually fixed so currently the testsuite
still sometimes fails
* Tue Mar 01 2022 Aurelien Joga <aurelienjoga@gmail.com>
- Version upgrade to 2.4.1:
See https://github.com/openprinting/cups/releases
CUPS 2.4.1 is the first bug fix release from 2.4.x series.
Among the other bug fixes it fixes sharing default color mode
to clients and several memory leaks.
* The default color mode now is now configurable and defaults
to the printer's reported default mode (Issue #277)
* Configuration script now checks linking for -Wl,-pie flags
(Issue #303)
* Fixed memory leaks -
in testi18n (Issue #313),
in cups_enum_dests() (Issue #317),
in _cupsEncodeOption() and http_tls_upgrade() (Issue #322)
* Fixed missing bracket in de/index.html (Issue #299)
* Fixed typos in configuration scripts (Issues #304, #316)
* Removed remaining legacy code for RIP_MAX_CACHE environment
variable (Issue #323)
* Removed deprecated directives from cupsctl and
cups-files.conf (Issue #300)
* Removed purge-jobs legacy code from CGI scripts and
templates (Issue #325)
- Version upgrade to 2.4.0:
CUPS 2.4.0 is the latest stable OpenPrinting CUPS release.
Among the changes from beta and release candidate
the stable release adds two new configuration options for
optimizing cupsd setup on servers and several other changes.
* Added configure option --with-idle-exit-timeout (Issue #294)
* Added --with-systemd-timeoutstartsec configure
option (Issue #298)
* DigestOptions now are applied for MD5 Digest authentication
defined by RFC 2069 as well (Issue #287)
* Fixed compilation on Solaris (Issue #293)
* Fixed and improved German translations (Issue #296, Issue #297)
- Version upgrade to 2.4rc1:
CUPS 2.4rc1 is a release candidate for OpenPrinting CUPS 2.4.0,
which adds two enhancements before the stable release.
* Added warning and debug messages when loading printers
if the queue is raw or with driver (Issue #286)
* Compilation now uses -fstack-protector-strong
if available (Issue #285)
- Version upgrade to 2.4b1:
CUPS 2.4b1 is the beta release for OpenPrinting CUPS 2.4
which contains several new features such as basic OAuth support,
support for AirPrint and Mopria clients and support for running
CUPS as a snap, several deprecations (Kerberos, cups-config),
removals of old deprecated directives, and many bug fixes.
* Added support for CUPS running in a Snapcraft snap.
* Added basic OAuth 2.0 client support (Issue #100)
* Added support for AirPrint and Mopria clients (Issue #105)
* Added configure support for specifying systemd dependencies
in the CUPS service file (Issue #144)
* Added several features and improvements to ipptool (Issue #153)
* Added a JSON output mode for ipptool.
* The ipptool command now correctly reports an error
when a test file cannot be found.
* CUPS library now uses thread safe getpwnam_r and getpwuid_r
functions (Issue #274)
* Fixed Kerberos authentication for the web interface (Issue #19)
* The ZPL sample driver now supports more "standard" label
sizes (Issue #70)
* Fixed reporting of printer instances when enumerating and when
no options are set for the main instance (Issue #71)
* Reverted USB read limit enforcement change
from CUPS 2.2.12 (Issue #72)
* The IPP backend did not return the correct status code
when a job was canceled at the printer/server (Issue #74)
* The testlang unit test program now loops over all of the
available locales by default (Issue #85)
* The cupsfilter command now shows error messages when options
are used incorrectly (Issue #88)
* The PPD functions now treat boolean values as
case-insensitive (Issue #106)
* Temporary queue names no longer end with an
underscore (Issue #110)
* The USB backend now runs as root (Issue #121)
* Added pkg-config file for libcups (Issue #122)
* Fixed a PPD memory leak caused by emulator
definitions (Issue #124)
* Fixed a DISPLAY bug in ipptool (Issue #139)
* The scheduler now includes the [Job N] prefix for job log
messages, even when using syslog logging (Issue #154)
* Added support for locales using the GB18030
character set (Issue #159)
* httpReconnect2 did not reset the socket file descriptor
when the TLS negotiation failed (Apple #5907)
* httpUpdate did not reset the socket file descriptor
when the TLS negotiation failed (Apple #5915)
* The IPP backend now retries Validate-Job requests (Issue #132)
* Now show better error messages when a driver interface program
fails to provide a PPD file (Issue #148)
* Added dark mode support to the CUPS web interface (Issue #152)
* Added a workaround for Solaris in httpAddrConnect2 (Issue #156)
* Fixed an interaction between --remote-admin and --remote-any
for the cupsctl command (Issue #158)
* Now use a 60 second timeout for reading USB backchannel
data (Issue #160)
* The USB backend now tries harder to find a serial
number (Issue #170)
* Fixed @IF(name) handling in cupsd.conf (Apple #5918)
* Fixed documentation and added examples for CUPS' limited
CGI support (Apple #5940)
* Fixed the lpc command prompt (Apple #5946)
* Now always pass "localhost" in the Host: header when talking
over a domain socket or the loopback interface (Issue #185)
* Fixed a job history update issue in the scheduler (Issue #187)
* Fixed job-pages-per-set value for duplex print jobs.
* Fixed an edge case in ippReadIO to make sure that only complete
attributes and values are retained on an error (Issue #195)
* Hardened ippReadIO to prevent invalid IPP messages from being
propagated (Issue #195, Issue #196)
* The scheduler now supports the "everywhere" model
directly (Issue #201)
* Fixed some IPP Everywhere option mapping problems (Issue #238)
* Fixed support for "job-hold-until" with the Restart-Job
operation (Issue #250)
* Fixed the default color/grayscale presets for
IPP Everywhere PPDs (Issue #262)
* Fixed support for the 'offline-report' state for all
USB backends (Issue #264)
* Documentation fixes (Issue #92, Issue #163, Issue #177,
Issue #184)
* Localization updates (Issue #123, Issue #129, Issue #134,
Issue #146, Issue #164)
* USB quirk updates (Issue #192, Issue #270, Apple #5766,
Apple #5838, Apple #5843, Apple #5867)
* Web interface updates (Issue #142, Issue #218)
* The ippeveprinter tool now automatically uses an
available port.
* Fixed several Windows TLS and hashing issues.
* Deprecated cups-config (Issue #97)
* Deprecated Kerberos (AuthType Negotiate)
authentication (Issue #98)
* Removed support for the (long deprecated and unused)
FontPath, ListenBackLog, LPDConfigFile, KeepAliveTimeout,
RIPCache, and SMBConfigFile directives in cupsd.conf
and cups-files.conf.
* Stubbed out deprecated httpMD5 functions.
* Add test for undefined page ranges during printing.
- downgrade-autoconf-requirement.patch downgrades the
autoconf requirement to what is currently available in openSUSE
- fix-negotiate-authentication-between-CGIs-and-scheduler.patch
is obsolete because it is included in the upstream code, see
https://github.com/OpenPrinting/cups/commit/3ff789ee90b18205c735e42e599eb3ee3043e88a
https://github.com/OpenPrinting/cups/pull/19
https://github.com/apple/cups/pull/5847
https://github.com/apple/cups/issues/5596
- upstream_pull_174.patch
is obsolete because it is included in the upstream code, see
https://github.com/OpenPrinting/cups/commit/43edb9df51b977d92929b084186dcd67d4f5ca44
https://github.com/OpenPrinting/cups/pull/174
https://github.com/OpenPrinting/cups/issues/72
- patch cups-2.1.0-cups-systemd-socket.patch
is obsolete because it is included in the upstream code, see
https://github.com/OpenPrinting/cups/commit/e96e96b4bd0d4e6f634bbb66b95d6e475501541c
- Updated upstream source tarball signing key in cups.keyring, see
https://github.com/OpenPrinting/cups/discussions/327#discussioncomment-2060579
- Re-enabled the CUPS upstream testsuite via 'make test'
and removed 'make check' because since the upstream commit
https://github.com/OpenPrinting/cups/commit/96ba46ebc818b610b0e40cbc9d62ef1dcd3ec9b6
the two Makefile targets 'test' and 'check' are identical.
- Changed cups-2.1.0-cups-systemd-socket.patch
to accomodate new coding style
- Changed cups-config-libs.orig to accommodate
recent code changes (SSL->TLS)
- Changed cups-2.1.0-default-webcontent-path.patch
to accommodate code changes
* Tue Feb 01 2022 jsmeix@suse.de
- Enhanced harden_cups.service.patch by adding
ReadWritePaths=/etc/cups
because cupsd needs write access in /etc/cups
(boo#1195288)
* Fri Oct 15 2021 Johannes Segitz <jsegitz@suse.com>
- Added hardening to systemd service(s) (bsc#1181400), see
https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
Added patch: harden_cups.service.patch
* Mon Jun 07 2021 jsmeix@suse.de
- Provide /usr/share/cups/ppdc/ in the "cups" main package
to avoid that "lpinfo -m" results in /var/log/cups/error_log
things like "ppdc: Unable to find include file font.defs"
or "ppdc: Unable to find include file hp.h" and then
"Bad driver information file /usr/share/cups/drv/sample.drv"
(bsc#1186843)
* Mon May 03 2021 jsmeix@suse.de
- When cupsd creates directories with specific owner group
and permissions (usually owner is 'root' and group matches
"configure --with-cups-group=lp") specify same owner group and
permissions in the RPM spec file to ensure those directories
are installed by RPM with the right settings because if those
directories were installed by RPM with different settings then
cupsd would use them as is and not adjust its specific owner
group and permissions which could lead to privilege escalation
from 'lp' user to 'root' via symlink attacks e.g. if owner is
falsely 'lp' instead of 'root' CVE-2021-25317 (bsc#1184161)
* Tue Apr 20 2021 jsmeix@suse.de
- upstream_pull_174.patch is
https://github.com/OpenPrinting/cups/pull/174
"Use 60s timeout for read_thread, revert read limits"
to fix printing with older USB printers
- New upstream URL https://openprinting.github.io/cups
* Tue Apr 06 2021 jsmeix@suse.de
- Disable testsuite for now via "bcond_with testsuite"
until https://github.com/OpenPrinting/cups/issues/155 is fixed
* Thu Mar 25 2021 Florian <sp1ritCS@protonmail.com>
- Add "testsuite" conditional that disables anything within %check
* Fri Mar 19 2021 Samuel Cabrero <scabrero@suse.de>
- fix-negotiate-authentication-between-CGIs-and-scheduler.patch
fixes web UI Kerberos authentication (bsc#1175960)
* Fri Mar 19 2021 Florian <sp1ritCS@protonmail.com>
- Upstream changed to https://github.com/OpenPrinting/cups
- Added %check section to specfile that executes
the old 'make check' and the new (see 2.3.3op1) 'make test'
- Version upgrade to 2.3.3op2:
* Security: Fixed a buffer (read) overflow
in the ippReadIO function (CVE-2020-10001)
* Clarified the documentation for the "Listen" directive
* Fixed duplicate ColorModel entries for AirPrint printers
* Fixed directory/permission defaults for Debian
kfreebsd-based systems
* Fixed crash bug in ppdOpen
* Fixed regression in snprintf emulation function
* The scheduler's systemd service file now waits
for the nslcd service to start
* The libusb-based USB backend now uses a simpler read timer
implementation to avoid a regression in a previous change
* The PPD caching code now only tracks the APPrinterIconPath
value on macOS
* Fixed segfault in help.cgi when searching in man pages
* Root certificates were incorrectly stored in "~/.cups/ssl".
* Version upgrade to 2.3.3op1:
* The automated test suite can now be activated using make test
for consistency with other projects and CI environments - the
old make check continues to work as well, and the previous test
server behavior can be accessed by running make testserver.
* ippeveprinter now supports multiple icons and strings files.
* ippeveprinter now uses the system's FQDN with Avahi.
* ippeveprinter now supports Get-Printer-Attributes on "/".
* ippeveprinter now uses a deterministic "printer-uuid" value.
* ippeveprinter now uses system sounds on macOS
for Identify-Printer.
* Updated ippfind to look for files in "~/Desktop" on Windows.
* Updated ippfind to honor SKIP-XXX directives with PAUSE.
* Updated IPP Everywhere support to work around printers that only
advertise color raster support but really also support grayscale
* ipptool now supports DNS-SD URIs like
ipps://My%20Printer._ipps._tcp.local
* The scheduler now allows root backends to have world read
permissions but not world execute permissions
* Failures to bind IPv6 listener sockets no longer cause errors
if IPv6 is disabled on the host
* The SNMP backend now supports the HP and Ricoh vendor MIBs
* The scheduler no longer includes a timestamp in files it writes
* The systemd service names are now "cups.service"
and "cups-lpd.service"
* The scheduler no longer adds the local hostname to
the ServerAlias list
* Added LogFileGroup directive in "cups-files.conf" to control
the group owner of log files
* Added --with-max-log-size configure option
* Added --enable-sync-on-close configure option
* Added --with-error-policy configure option
* IPP Everywhere PPDs could have an "unknown" default InputSlot
* The httpAddrListen function now uses a listen backlog of 128.
* Added USB quirks
* Fixed IPP Everywhere v1.1 conformance issues in ippeveprinter.
* Fixed DNS-SD name collision support in ippeveprinter.
* Fixed compiler and code analyzer warnings.
* Fixed TLS support on Windows.
* Fixed ippfind sub-type searches with Avahi.
* Fixed the default hostname used by ippeveprinter on macOS.
* Fixed resolution of local IPP-USB printers with Avahi.
* Fixed coverity issues
* Fixed httpAddrConnect issues
* Fixed web interface device URI issue
* Fixed lp/lpr "printer/class not found" error reporting
* Fixed xinetd support for LPD clients
* Fixed libtool build issue
* Fixed a memory leak in the scheduler
* Fixed a potential integer overflow in the PPD hashing code
* Fixed output-bin and print-quality handling issues
* Fixed PPD options getting mapped to odd IPP values
like "tray---4"
* Fixed remote access to the cupsd.conf and log files
* Fixed the automated test suite when running in certain
build/CI environments
* Fixed a logging regression caused by a previous change
for Apple issue #5604
* Fixed fax phone number handling with GNOME
* Fixed potential rounding error in rastertopwg filter
* Fixed the "uri-security-supported" value from the scheduler
* Fixed IPP backend crash bug with "printer-alert" values
* Removed old Solaris inetconv(1m) reference in cups-lpd man page
* Fixed default options that incorrectly use the "custom" prefix
* Fixed a memory leak when resolving DNS-SD URIs
* Fixed systemd status reporting by adopting the notify interface
* Fixed crash in rastertopwg
* Fixed cupsManualCopies values in IPP Everywhere PPDs
- Removed let-cupsd-start-after-network.patch
as it is no longer required
- Removed CVE-2020-10001.patch as a fix as been merged upstream
- Removed section of specfile responsible for
renaming "org.cups.cups*" systemd files to cups*, due to
upstream renaming these files
* Thu Mar 18 2021 olaf@aepfle.de
- Remove code comments from expanded scriptlets to reduce size
cf. https://build.opensuse.org/request/show/879976
* Tue Feb 02 2021 jsmeix@suse.de
- CVE-2020-10001.patch fixes CVE-2020-10001 (bsc#1180520)
access to uninitialized buffer in ipp.c
/usr/bin/ppdc /usr/bin/ppdhtml /usr/bin/ppdi /usr/bin/ppdmerge /usr/bin/ppdpo /usr/share/man/man1/ppdc.1.gz /usr/share/man/man1/ppdhtml.1.gz /usr/share/man/man1/ppdi.1.gz /usr/share/man/man1/ppdmerge.1.gz /usr/share/man/man1/ppdpo.1.gz /usr/share/man/man5/ppdcfile.5.gz
Generated by rpm2html 1.8.1
Fabrice Bellet, Sun Sep 29 00:54:24 2024