Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

cups-client-2.2.7-3.26.1 RPM for ppc64le

From OpenSuSE Leap 15.3 for ppc64le

Name: cups-client Distribution: SUSE Linux Enterprise 15
Version: 2.2.7 Vendor: SUSE LLC <https://www.suse.com/>
Release: 3.26.1 Build date: Tue Apr 13 13:10:03 2021
Group: Hardware/Printing Build host: cabernet
Size: 1111457 Source RPM: cups-2.2.7-3.26.1.src.rpm
Packager: https://www.suse.com/
Url: http://www.cups.org/
Summary: CUPS Client Programs
CUPS is a modular printing system which allows a computer to act as a
print server. A computer running CUPS is a host that can accept print
jobs from client computers, process them, and send them to the
appropriate printer.

This package contains the traditional command line interfaces for the
System V and Berkeley print systems.

Provides

Requires

License

GPL-2.0

Changelog

* Mon Apr 12 2021 jsmeix@suse.de
  - When cupsd creates directories with specific owner group
    and permissions (usually owner is 'root' and group matches
    "configure --with-cups-group=lp") specify same owner group and
    permissions in the RPM spec file to ensure those directories
    are installed by RPM with the right settings because if those
    directories were installed by RPM with different settings then
    cupsd would use them as is and not adjust its specific owner
    group and permissions which could lead to privilege escalation
    from 'lp' user to 'root' via symlink attacks e.g. if owner is
    falsely 'lp' instead of 'root' CVE-2021-25317 (bsc#1184161)
* Fri Mar 19 2021 scabrero@suse.de
  - cups-2.2.7-web-ui-kerberos-authentication.patch (bsc#1175960)
    Fix web UI kerberos authentication
* Mon Jan 11 2021 jsmeix@suse.de
  - cups-2.2.7-CVE-2020-10001.patch fixes CVE-2020-10001
    access to uninitialized buffer in ipp.c (bsc#1180520)
  - cups-2.2.7-CVE-2019-8842.patch fixes CVE-2019-8842 (bsc#1170671)
    the ippReadIO function may under-read an extension field
* Mon Apr 06 2020 jsmeix@suse.de
  - cups-2.2.7-CVE-2020-3898.patch fixes CVE-2020-3898 (bsc#1168422)
    heap-buffer-overflow in libcups ppdFindOption() function
* Wed Nov 13 2019 jsmeix@suse.de
  - cups-2.2.7-CVE-2019-8675.CVE-2019-8696.patch fixes
    CVE-2019-8675 and CVE-2019-8696 (bsc#1146358 and bsc#1146359)
    and some other security/disclosure issues
    https://github.com/apple/cups/commit/f24e6cf6a39300ad0c3726a41a4aab51ad54c109
    (Apple's internal issues rdar://51685251, rdar://50035411,
    rdar://51373853, rdar://51373929)
* Thu Feb 21 2019 vliaskovitis@suse.com
  - Add issue5509-fix-utf-8-validation-issue.patch (bsc#1118118)
    Fixes https://github.com/apple/cups/issues/5509
* Mon Dec 03 2018 jsmeix@suse.de
  - cups-2.2.7-CVE-2018-4700.patch fixes CVE-2018-4700: session
    cookie is extremely predictable, effectively breaking the
    CSRF protection of the CUPS web interface (bsc#1115750)
* Mon Jun 18 2018 jsmeix@suse.de
  - cups-branch-2.2-commit-97cb566568a8c3a9c07c7ccec09f28f5c5015954.diff
    is 'git show 97cb566568a8c3a9c07c7ccec09f28f5c5015954' for
    https://github.com/apple/cups/commit/97cb566568a8c3a9c07c7ccec09f28f5c5015954
    (except the not needed hunk for patching CHANGES.md which fails)
    that fixes local privilege escalation to root and sandbox
    bypasses in scheduler (Apple's internal issues rdar://37836779,
    rdar://37836995, rdar://37837252, rdar://37837581)
    in the CUPS 2.2 branch
    bsc#1096405 CVE-2018-4180:
    Local Privilege Escalation to Root in dnssd Backend (CUPS_SERVERBIN)
    bsc#1096406 CVE-2018-4181:
    Limited Local File Reads as Root via cupsd.conf Include Directive
    bsc#1096407 CVE-2018-4182:
    cups-exec Sandbox Bypass Due to Insecure Error Handling
    bsc#1096408 CVE-2018-4183:
    cups-exec Sandbox Bypass Due to Profile Misconfiguration
* Wed Mar 28 2018 jsmeix@suse.de
  - Version upgrade to 2.2.7:
    CUPS 2.2.7 is a general bug fix release.
    For details see https://github.com/apple/cups/releases
    or the CHANGES.md file.
    Changes include:
    * Additional security fixes for:
      bsc#1061066 DBUS library aborts caller process
      in _dbus_check_is_valid_utf8 (in particular that aborts cupsd)
      and
      bsc#1087018 CVE-2017-18248: cups: The add_job function in
      scheduler/ipp.c in CUPS before 2.2.6, when D-Bus support is
      enabled, can be crashed by remote attackers by sending print
      jobs with an invalid username, related to a D-Bus notification
      which are the CUPS upstream issues
      https://github.com/apple/cups/issues/5143
      Remote DoS attack against cupsd via invalid username
      and malicious D-Bus library
      and
      https://github.com/apple/cups/issues/5186
      squash non-UTF-8 strings into ASCII on plain IPP level
      and
      https://github.com/apple/cups/issues/5229
      persistently substitute invalid job attributes
      with default values - not only in add_job
      see also
      bsc#1087072 dbus-1:
      Disable assertions to prevent un-expected DDoS attacks
    * NOTICE: Raw print queues are now deprecated (Issue #5269)
      so that now there is a warning message when you
      add or modify a queue to use the "raw driver" but
      raw printing will continue to work through CUPS 2.3.x, cf.
      https://lists.cups.org/pipermail/cups/2018-March/074060.html
    * Fixed an Avahi crash bug in the scheduler (Issue #5268)
    * Systemd did not restart cupsd when configuration changes
      were made that required a restart (Issue #5263)
    * The scheduler could crash while adding an IPP Everywhere
      printer (Issue #5258)
    * The scheduler now supports using temporary print queues
      for older IPP/1.1 print queues like those shared by CUPS 1.3
      and earlier (Issue #5241)
    * Kerberized printing to another CUPS server did not work
      correctly (Issue #5233)
    * More fixes for printing to old CUPS servers (Issue #5211)
    * The scheduler now substitutes default values for invalid
      job attributes when running in "relaxed conformance"
      mode (Issue #5186)
    * The cups-driverd program incorrectly stopped scanning PPDs
      as soon as a loop was seen (Issue #5170)
    * The `SSLOptions` directive now supports `MinTLS` and `MaxTLS`
      options to control the minimum and maximum TLS versions
      that will be allowed, respectively (Issue #5119)
    * The scheduler did not write out dirty configuration and
      state files if there were open client connections (Issue #5118)
    * The `lpadmin` command now provides a better error message when
      an unsupported System V interface script is used (Issue #5111)
    * No longer support backslash, question mark, or quotes
      in printer names (Issue #4966)
    * The CUPS library now supports the latest HTTP Digest
      authentication specification including support
      for SHA-256 (Issue #4862)
    * TLS connections now properly timeout (rdar://34938533)
* Tue Nov 14 2017 christophe@krop.fr
  - Make sure cups-libs-<targettype> is removed
* Tue Nov 07 2017 jsmeix@suse.de
  - Version upgrade to 2.2.6:
    CUPS 2.2.6 is a general bug fix release.
    For details see https://github.com/apple/cups/releases
    Changes include:
    * DBUS notifications could crash the scheduler (Issue #5143)
      (see also bsc#1061066 "DBUS library aborts caller process")
* Fri Oct 20 2017 jsmeix@suse.de
  - Use again the baselibs.conf from Fri Oct 13 11:11:10 UTC 2017
    that got broken by the change on Wed Oct 18 06:11:10 UTC 2017.
  - Version upgrade to 2.2.5:
    CUPS 2.2.5 is a general bug fix release.
    For details see https://github.com/apple/cups/releases
  - Version upgrade to 2.2.4:
    CUPS 2.2.4 is a general bug fix release.
    For details see https://github.com/apple/cups/releases
  - Removed
    0001-Update-cupsEnumDests-implementation-to-return-early-if-all.patch
    0002-Save-work-on-Avahi-code.patch
    0003-Avahi-fixes-for-cupsEnumDests.patch
    because since CUPS 2.2.4 it is fixed in the upstream code
    via https://github.com/apple/cups/pull/4989 more precisely via
    https://github.com/apple/cups/commit/a2187a63425a3d6c05de1e1cbf8c26fd39a1aced
    https://github.com/apple/cups/commit/657c5b5f91e6d5120c4ad7b118cf9098dd27f03d
    https://github.com/apple/cups/commit/3fae3b337df0be1a766857be741173d8a9915da7
* Wed Oct 18 2017 opensuse@dstoecker.de
  - Fix typo in requires
* Fri Oct 13 2017 jengelh@inai.de
  - Implement shared library packaging guideline [boo#862112]
  - Update package descriptions.
* Sat Sep 30 2017 jengelh@inai.de
  - Remove redundant Requires(pre) line — the use of %post -p
    already implies it.
* Wed Sep 20 2017 schwab@suse.de
  - Pre-require user(lp) in cups-libs
* Thu Jun 08 2017 jsmeix@suse.de
  - In /usr/lib/tmpfiles.d/cups.conf use
    group 'root' for /run/cups/certs (boo#1042916).
* Fri Jun 02 2017 jsmeix@suse.de
  - Major backward incompatible change since CUPS 2.2.0:
    There is no longer the directory /etc/cups/interfaces because
    since CUPS 2.2.0 so called "System V style Interface Scripts"
    are no longer supported for security reasons (see below the
    entry about the changes included in CUPS 2.2.0).
  - Disabled cups-2.1.0-cups-systemd-socket.patch
    because it does no longer apply which needs to be examined
    and decided by someone who knows about systemd internals.
  - Disabled
    0001-Update-cupsEnumDests-implementation-to-return-early-if-all.patch
    0002-Save-work-on-Avahi-code.patch
    0003-Avahi-fixes-for-cupsEnumDests.patch
    because they do no longer apply which needs to be examined
    and decided by someone who knows about Avahi internals.
  - Version upgrade to 2.2.3:
    CUPS 2.2.3 is a general bug fix release.
    See https://github.com/apple/cups/releases
    Changes include:
    * The IPP backend could get into an infinite loop for certain
      errors, causing a hung queue (rdar://problem/28008717)
    * The scheduler could pause responding to client requests in
      order to save state changes to disk (rdar://problem/28690656)
    * Added support for PPD finishing keywords
      (Issue #4960, Issue #4961, Issue #4962)
    * The IPP backend did not send a media-col attribute for just
      the source or type (Issue #4963)
    * IPP Everywhere print queues did not always support all print
      qualities supported by the printer (Issue #4953)
    * IPP Everywhere print queues did not always support all media
      types supported by the printer (Issue #4953)
    * The IPP Everywhere PPD generator did not return useful error
      messages (Issue #4954)
    * The IPP Everywhere finishings support did not work correctly
      with common UI or command-line options (Issue #4976)
    * Fixed an error handling issue for the network backends
      (Issue #4979)
    * The "reprint job" option was not available for some canceled
      jobs (Issue #4915)
    * Updated the job listing in the web interface (Issue #4978)
    A detailed list of changes can be found in the CHANGES.txt file.
  - Version upgrade to 2.2.2:
    CUPS 2.2.2 is a general bug fix release.
    See https://github.com/apple/cups/releases
    Changes include:
    * Fixed some issues with IPP Everywhere printer support
      (Issue #4893, Issue #4909, Issue #4916, Issue #4921,
      Issue #4923, Issue #4932, Issue #4933, Issue #4938)
    * The rastertopwg filter could crash with certain input
      (Issue #4942)
    * The scheduler did not detect when an encrypted connection
      was closed by the client on Linux (Issue #4901)
    * The cups-lpd program did not catch all legacy usage
      of ISO-8859-1 (Issue #4899)
    * The scheduler no longer creates log files on startup
      (<rdar://problem/28332470>)
    * The ippContainsString function now uses case-insensitive
      comparisons for mimeMediaType, name, and text values in
      conformance with RFC 2911.
    * The network backends now log the addresses that were found
      for a printer (<rdar://problem/29268474>)
    * Let's Encrypt certificates did not work when the hostname
      contained uppercase letters (Issue #4919)
    * Fixed reporting of printed pages in the web interface
      (Issue #4924)
    * Updated systemd config files (Issue #4935)
    A detailed list of changes can be found in the CHANGES.txt file.
  - Version upgrade to 2.2.1:
    CUPS 2.2.1 is a general bug fix release.
    See https://github.com/apple/cups/releases
    Changes include:
    * Added "CreateSelfSignedCerts" directive for cups-files.conf
      to control whether the scheduler automatically creates
      its own self-signed X.509 certificates for TLS connections
      (Issue #4876)
    * http*Connect did not handle partial failures (Issue #4870)
    * cupsHashData did not use the correct hashing algorithm
      (<rdar://problem/28209220>)
    * Updated man pages (PR #4885)
    A detailed list of changes can be found in the CHANGES.txt file.
  - Version upgrade to 2.2.0:
    CUPS 2.2.0 adds support for local IPP Everywhere print queues
    and includes several performance and security improvements.
    See https://github.com/apple/cups/releases
    Changes include:
    * Normalized the TLS certificate validation code and added
      additional error messages to aid troubleshooting.
    * http*Connect did not work on Linux when cupsd was not running
      (Issue #4870)
    * The --no-remote-any option of cupsctl had no effect
      (Issue #4866)
    * http*Connect did not return early when all addresses failed
      (Issue #4870)
    * The IPP backend did not validate TLS credentials properly.
    * The printer-state-message attribute was not cleared after a
      print job with no errors (Issue #4851)
    * The CUPS-Add-Modify-Class and CUPS-Add-Modify-Printer
      operations did not always return an error for failed
      adds (Issue #4854)
    * PPD files with names longer than 127 bytes did not work
      (Issue #4860)
    * CUPS now supports Let's Encrypt certificates on Linux.
    * All CUPS commands now support POSIX options (Issue #4813)
    * The scheduler now restarts faster (Issue #4760)
    * Improved performance of web interface with large numbers
      of jobs (Issue #3819)
    * Encrypted printing can now be limited to only trusted
      printers and servers (<rdar://problem/25711658>)
    * The scheduler now advertises PWG Raster attributes for
      IPP Everywhere clients (Issue #4428)
    * The scheduler now logs informational messages for jobs
      at LogLevel "info" (Issue #4815)
    * The scheduler now uses the getgrouplist function
      when available (Issue #4611)
    * The IPP backend no longer enables compression by default
      except for certain raster formats that generally benefit
      from it (<rdar://problem/25166952>)
    * The scheduler did not handle out-of-disk situations
      gracefully (Issue #4742)
    * The LPD mini-daemon now detects invalid UTF-8 sequences
      in job, document, and user names (Issue #4748)
    * The IPP backend now continues on to the next job
      when the remote server/printer puts the job on hold
      (<rdar://problem/24858548>)
    * The scheduler did not cancel multi-document jobs immediately
      (<rdar://problem/24854834>)
    * The scheduler did not return non-shared printers to local
      clients unless they connected to the domain socket
      (<rdar://problem/24566996>)
    * The scheduler now reads the spool directory if one or more
      job cache entries point to deleted jobs
      (<rdar://problem/24048846>)
    * Added support for disc media sizes (<rdar://problem/20219536>)
    * The httpAddrConnect and httpConnect* APIs now try connecting
      to multiple addresses in parallel (<rdar://problem/20643153>)
    * Interface scripts are no longer supported for security reasons
      (<rdar://problem/23135640>)
    A detailed list of changes can be found in the CHANGES.txt file.
  - Version upgrade to 2.1.4:
    CUPS 2.1.4 is a general bug fix release.
    See https://github.com/apple/cups/releases
    Changes include:
    * Fixed reporting of 1284 Device IDs (Issue #3835, PR #3836)
    * Fixed printing of multiple files to raw queues (Issue #4782)
    * The scheduler did not implement the Hold-New-Jobs opertion
      correctly (Issue #4767)
    * The cups-lpd mini-daemon incorrectly included the document-name
      attribute when creating a job.  It should only be included when
      sending a job (Issue #4790)
    A detailed list of changes can be found in the CHANGES.txt file.
* Sat May 20 2017 dimstar@opensuse.org
  - Replace krb5-devel BuildRequires with pkgconfig(krb5) on
    suse_version >= 1315: give OBS a better chance to break up build
    cycles.
* Thu Apr 20 2017 alarrosa@suse.com
  - Drop cups-1.7.5-cupsEnumDests-react-to-all-for-now.diff and add
    0001-Update-cupsEnumDests-implementation-to-return-early-if-all.patch,
    0002-Save-work-on-Avahi-code.patch and
    0003-Avahi-fixes-for-cupsEnumDests.patch which is what upstream
    finally commited to cups 2.2 sources in response to
    https://github.com/apple/cups/pull/4989 in order to fix cupsEnumDests
    to react to the ALL_FOR_NOW avahi event (and also include a similar
    fix for the dnssd case). Related to bsc#955432.
* Mon Apr 10 2017 alarrosa@suse.com
  - Add cups-2.1.3-cupsEnumDests-react-to-all-for-now.diff .
    Avahi sends an ALL_FOR_NOW event when it finishes sending
    its cache contents. This patch makes cupsEnumDests finish
    when the signal is received so it doesn't block the caller
    doing nothing until the timeout finishes (related to bsc#955432,
    submitted upstream at https://github.com/apple/cups/pull/4989)
* Wed Mar 29 2017 kukuk@suse.com
  - Add /etc/cups to cups-libs package [bsc#1025689]
* Mon Dec 12 2016 dimstar@opensuse.org
  - Replace pkgconfig(libsystemd-daemon) BuildRequires with
    pkgconfig(libsystemd) on openSUSE 13.2 and newer: the various
    sub-libraries have been merged into libsystemd since version 209.
    openSUSE 13.1 was the last product to ship systemd 208.
* Tue Jun 28 2016 kamikazow@web.de
  - Remove CUPS.desktop and pixmap
    * Obsoletes patch cups-1.3.9-desktop_file.patch
* Mon Feb 29 2016 michael@stroeder.com
  - Version upgrade to 2.1.3:
    CUPS 2.1.3 fixes some issues in the scheduler, sample drivers,
    and user commands.
    A detailed list of changes can be found in the CHANGES.txt file.
    Changes include (excerpt):
    * The scheduler should not exit under memory pressure
      (<rdar://problem/23255001>)
    * Fixed some issues in ipptool for skipped tests
      (<rdar://problem/24137160>)
    * The "lp -H resume" command did not reset the
      "job-state-reasons" attribute value (STR #4752)
    * The scheduler did not allow access to resource files
      (icons, etc.) when the web interface was disabled (STR #4755)
  - Version upgrade to 2.1.2:
    CUPS 2.1.2 fixes an issue in the 2.1.1 source archives which
    actually contained a current 2.2 snapshot.
    There are no other changes.
  - Version upgrade to 2.1.1:
    CUPS 2.1.1 fixes a number of USB and IPP printing issues,
    addresses some error reporting and hardening issues in
    the scheduler, and updates some localizations.
    A detailed list of changes can be found in the CHANGES.txt file.
    Changes include (excerpt):
    * Security hardening fixes (<rdar://problem/23131948>,
      <rdar://problem/23132108>, <rdar://problem/23132353>,
      <rdar://problem/23132803>, <rdar://problem/23133230>,
      <rdar://problem/23133393>, <rdar://problem/23133466>,
      <rdar://problem/23133833>, <rdar://problem/23133998>,
      <rdar://problem/23134228>, <rdar://problem/23134299>,
      <rdar://problem/23134356>, <rdar://problem/23134415>,
      <rdar://problem/23134506>, <rdar://problem/23135066>,
      <rdar://problem/23135122>, <rdar://problem/23135207>,
      <rdar://problem/23144290>, <rdar://problem/23144358>,
      <rdar://problem/23144461>)
    * The cupsGetPPD* functions did not work with IPP printers
      (STR #4725)
    * Some older HP LaserJet printers need a delayed close when
      printing using the libusb-based USB backend (STR #4549)
    * The libusb-based USB backend did not unload the kernel usblp
      module if it was preventing the backend from accessing the
      printer (STR #4707)
    * Current Primera printers were incorrectly reported as Fargo
      printers (STR #4708)
    * The IPP backend did not always handle jobs getting canceled
      at the printer (<rdar://problem/22716820>)
    * Added USB quirk for Canon MP530 (STR #4730)
    * The scheduler did not deliver job notifications for jobs
      submitted to classes (STR #4733)
    * Changing the printer-is-shared value for a remote queue
      did not produce an error (STR #4738)
    * The IPP backend incorrectly included the job-password
      attribute in Validate-Job requests (<rdar://problem/23531939>)
* Sun Sep 20 2015 meissner@suse.com
  - add -devel to build a 32bit wine on 64bit only Leap systems.
* Tue Sep 01 2015 jsmeix@suse.de
  - Version upgrade to 2.1.0:
    CUPS 2.1.0 offers improved support for IPP Everywhere,
    adds support for advanced logging using journald on Linux, and
    includes new security features for encrypted printing and
    reduced network visibility in the default configuration.
    A detailed list of changes can be found in the CHANGES.txt file.
    Changes include (excerpt):
    * Added support for 3D printers (basic types only,
      no built-in filters) based on PWG white paper.
    * The IPP backend now stops sending print data
      if the printer indicates the job has been aborted
      or canceled (<rdar://problem/17837631>)
    * The IPP backend now sends the job-pages-per-set
      attribute when printing multiple copy jobs with
      finishings (<rdar://problem/16792757>)
    * The IPP backend now updates the cupsMandatory values when the
      printer configuration changes (<rdar://problem/18126570>)
    * No longer install banner files since third-party banner
      filters now supply their own (STR #4518)
    * The scheduler no longer listens on the loopback
      interface unless the web interface or printer sharing
      are enabled (<rdar://problem/9136448>)
    * Added a PPD generator for IPP Everywhere printers (STR #4258)
    * Now install "default" versions of more configuration
      files (<rdar://problem/19024491>) in particular
      cups-files.conf.default and snmp.conf.default
    * Added SSLOptions values to allow Diffie-Hellman key exchange
      and disable TLS/1.0 support.
    * Updated the scheduler to support more IPP Everywhere
      attributes (STR #4630)
    * The scheduler now supports advanced ASL and journald logging
      when "syslog" output is configured (STR #4474)
    * The scheduler now supports logging to stderr when running
      in the foreground (STR #4505)
  - Adapted patches so that they apply to CUPS 2.1.0 sources:
    * cups-2.1.0-choose-uri-template.patch replaces
      cups-1.2rc1-template.patch
    * cups-2.1.0-default-webcontent-path.patch replaces
      cups-1.4.3-default-webcontent-path.patch
    * cups-2.1.0-cups-systemd-socket.patch replaces
      cups-systemd-socket.patch
* Tue Sep 01 2015 tchvatal@suse.com
  - Fix bnc#943950, escape the macro call %systemd-tmpfiles
    in comment.
* Thu Aug 20 2015 tchvatal@suse.com
  - Add gpg verification for the tarball
  - Version update to 2.0.4:
    * Fixed a bug in cupsRasterWritePixels (STR #4650)
    * Fixed redirection in the web interface (STR #4538)
    * The IPP backend did not respond to side-channel
      requests (STR #4645)
    * The scheduler did not start all pending jobs
      at once (STR #4646)
    * The web search incorrectly searched time-at-xxx
      values (STR #4652)
    * Fixed an RPM spec file issue (STR #4657)
    * The scheduler incorrectly started jobs while canceling
      multiple jobs (STR #4648)
    * Fixed processing of server overrides without
      port numbers (STR #4675)
    * Documentation changes (STR #4651, STR #4674)
* Wed Jul 01 2015 jsmeix@suse.de
  - cups-2.0.3-additional_policies.patch replaces
    cups-1.7-additional_policies.patch that still adds the same
    "allowallforanybody" policy but now with separated "Limit All"
    to avoid https://www.cups.org/str.php?L4659 (boo#936309).
  - Added "-p /bin/bash" to RPM shell commands scriptlets that
    enforces bash to be safe against any possible "bashisms", cf
    https://en.opensuse.org/openSUSE:Packaging_scriptlet_snippets
* Thu Jun 25 2015 tchvatal@suse.com
  - Fix the previous commit by using direct systemd call and
    ensuring we work even on older distros
* Mon Jun 22 2015 tchvatal@suse.com
  - Fix postin-without-tmpfile-creation and run %tmpfiles_create
    macro on our cups.conf
* Tue Jun 09 2015 jsmeix@suse.de
  - Version upgrade to 2.0.3:
    The new release addresses two security vulnerabilities,
    add localizations for German and Russian, and includes several
    general bug fixes. Changes include (excerpt):
    * Security: Fixed CERT VU #810572 CVE-2015-1158 CVE-2015-1159
      exploiting the dynamic linker (STR #4609) (bsc#924208)
    * Security: The scheduler could hang with malformed gzip data
      (STR #4602)
    * Restored missing generic printer icon file (STR #4587)
    * Fixed logging of configuration errors to show up as errors
      (STR #4582)
    * Fixed potential buffer overflows in raster code and filters
      (STR #4598, STR #4599, STR #4600, STR #4601)
    * Fixed <Limit> inside <Location> (STR #4575)
    * Fixed lpadmin when both -m and -o are used (STR #4578)
    * The web interface always showed support for 2-sided printing
      (STR #4595)
    * cupsRasterReadHeader did not fully validate the raster header
      (STR #4596)
    * The rastertopwg filter did not check for truncated input
      (STR #4597)
    * The cups-lpd mini-daemon did not check for request parameters
      (STR #4603)
    * The scheduler could get caught in a busy loop (STR #4605)
    * The sample Epson driver could crash (STR #4616)
    * The IPP backend now correctly monitors jobs
      (<rdar://problem/20495955>)
    * The ppdhtml and ppdpo utilities crashed when the -D option
      was used before a driver information file (STR #4627)
    * ippfind incorrectly substituted "=port" for service_port.
    * The IPP/1.1 test file did not handle the initial print job
      completing early (STR #4576)
    * Fixed a memory leak in cupsConnectDest (STR #4634)
    * PWG Raster Format output contained invalid ImageBox values
      (<rdar://problem/21144309>)
    * Added Russian translation (STR #4577)
    * Added German translation (STR #4635)
  - cups-busy-loop.patch fixed STR #4605 is obsolete because
    it is fixed upstream (see above).
  - cleaned up this whole RPM changlog (wrapped too long lines if
    possible and removed trailing whitespaces).
* Sat Mar 28 2015 mimi.vx@gmail.com
  - Add patch cups-busy-loop.patch to fix rh#1179596 , cups#4605
* Thu Feb 12 2015 tchvatal@suse.com
  - Add back the posttrans cleanup script as it is needed
* Thu Feb 12 2015 tchvatal@suse.com
  - Add patch cups-systemd-socket.patch to fix socket activation
    and to match socket approach Fedora has.
* Thu Feb 12 2015 tchvatal@suse.com
  - Version bump to 2.0.2:
    * Security: cupsRasterReadPixels buffer overflow with invalid
      page header and compressed raster data (STR #4551)
    * Mapping of PPD keywords to IPP keywords did not work if the PPD
      keyword was already an IPP keyword (<rdar://problem/19121005>)
    * cupsGetPPD* sent bad requests (STR #4567)
    * For detailed list see CHANGES.txt file
* Thu Feb 12 2015 tchvatal@suse.com
  - Enable PIE for build
* Fri Jan 30 2015 tchvatal@suse.com
  - Remove legacy paralel-port support as it is not really needed
    as most do not want it
* Fri Jan 30 2015 tchvatal@suse.com
  - Update descriptions to just state what changed and let user
    find it out.
  - Add back comment about %fdupes
  - Remove exit 0 on scriptlets as it is provided by
    the %service bla ones already
  - Fix the comment about openSUSE version on tmpfilesdir declaration
* Fri Jan 16 2015 tchvatal@suse.com
  - cups-2.0.1 update:
    * lengthy list of changes see the upstream CHANGES.txt that is
      distributed with the package
    * Disabling of sslv3 to mitigate poodle
  - Use gnutls to provide SSLOPtions configuration directive
    * openssl is no longer supported upstream
    * Remove the with-openssl-exception from license
  - Remove cups.sysconfig as it is not used with systemd based distros
  - Purposely lose support for SLE11 as it doubles size of some of the
    sections and keep suppor for openSUSE+SLE12
    * even with the conditions we would have to go unencrypted only
      as needs newer gnutls, so don't bother with keeping the compat
  - Use upstream service and socket files to allow more working tools
  - Removed patches:
    * cups-0001-systemd-add-systemd-socket-activation-and-unit-files.patch
    * cups-0002-systemd-listen-only-on-localhost-for-socket-activation.patch
    * cups-0003-systemd-secure-cups.service-unit-file.patch
    * cups-1.3.6-access_conf.patch
    * cups-1.5-additional_policies.patch
    * cups-1.5.4-CVE-2012-5519.patch
    * cups-1.5.4-strftime.patch
    * cups-move-everything-to-run.patch
    * cups-polld_avoid_busy_loop.patch
    * cups-provides-cupsd-service.patch
    * str4190.patch
    * str4351.patch
    * str4450.CVE-2014-3537.str4455.CVE-2014-5029.CVE-2014-5030.CVE-2014-5031.CUPS-1.5.4.patch
  - Refreshed patches:
    * cups-1.3.9-desktop_file.patch
    * cups-config-libs.patch
  - Added patches:
    * cups-1.7-additional_policies.patch
    * cups-systemd-socket.patch

Files

/usr/bin/cancel
/usr/bin/cupstestdsc
/usr/bin/ippfind
/usr/bin/ipptool
/usr/bin/lp
/usr/bin/lpoptions
/usr/bin/lpq
/usr/bin/lpr
/usr/bin/lprm
/usr/bin/lpstat
/usr/sbin/accept
/usr/sbin/cupsaccept
/usr/sbin/cupsdisable
/usr/sbin/cupsenable
/usr/sbin/cupsreject
/usr/sbin/lpadmin
/usr/sbin/lpc
/usr/sbin/lpinfo
/usr/sbin/lpmove
/usr/sbin/reject
/usr/share/man/man1/cancel.1.gz
/usr/share/man/man1/cupstestdsc.1.gz
/usr/share/man/man1/ippfind.1.gz
/usr/share/man/man1/ipptool.1.gz
/usr/share/man/man1/lp.1.gz
/usr/share/man/man1/lpoptions.1.gz
/usr/share/man/man1/lpq.1.gz
/usr/share/man/man1/lpr.1.gz
/usr/share/man/man1/lprm.1.gz
/usr/share/man/man1/lpstat.1.gz
/usr/share/man/man5/ipptoolfile.5.gz
/usr/share/man/man8/accept.8.gz
/usr/share/man/man8/cupsaccept.8.gz
/usr/share/man/man8/cupsdisable.8.gz
/usr/share/man/man8/cupsenable.8.gz
/usr/share/man/man8/cupsreject.8.gz
/usr/share/man/man8/lpadmin.8.gz
/usr/share/man/man8/lpc.8.gz
/usr/share/man/man8/lpinfo.8.gz
/usr/share/man/man8/lpmove.8.gz
/usr/share/man/man8/reject.8.gz


Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Jul 9 13:44:15 2024