-
cups (2.2.1-8+deb9u6) stretch; urgency=medium
* Backport upstream security fixes:
- CVE-2020-3898: heap-buffer-overflow in libcups’s ppdFindOption()
function in ppd-mark.c
- CVE-2019-8842: The `ippReadIO` function may under-read an extension
field
-- Didier Raboud <email address hidden> Mon, 27 Apr 2020 08:50:13 +0200
-
cups (2.2.1-8+deb9u5) stretch; urgency=medium
* Backport upstream security fix:
- CVE-2019-2228: The `ippSetValuetag` function did not validate the
default language value (Closes: #946782)
-- Didier Raboud <email address hidden> Sun, 19 Jan 2020 09:53:03 +0100
-
cups (2.2.1-8+deb9u4) stretch; urgency=low
* Fix multiple security/disclosure issues (Closes: #934957)
- CVE-2019-8696 and CVE-2019-8675: Fixed SNMP buffer overflows
- Fixed IPP buffer overflow
- Fixed memory disclosure issue in the scheduler
- Fixed DoS issues in the scheduler
-- Didier Raboud <email address hidden> Wed, 21 Aug 2019 09:51:54 +0200
-
cups (2.2.1-8+deb9u3) stretch; urgency=low
* Backport upstream fixes for:
- CVE-2017-18248: DBUS notifications could crash the scheduler
- CVE-2018-4700: Linux session cookies used a predictable random
number seed (Closes: #915909)
-- Didier Raboud <email address hidden> Fri, 14 Dec 2018 13:58:47 +0100
-
cups (2.2.1-8+deb9u2) stretch-security; urgency=low
* CVE-2018-6553: Fix AppArmor cupsd sandbox bypass due to use of hard links
* Backport upstream fixes for:
- CVE-2018-4180 Local Privilege Escalation to Root in dnssd Backend (CUPS_SERVERBIN)
- CVE-2018-4181 Limited Local File Reads as Root via cupsd.conf Include Directive
- CVE-2018-4182 cups-exec Sandbox Bypass Due to Insecure Error Handling
- CVE-2018-4183 cups-exec Sandbox Bypass Due to Profile Misconfiguration
- CVE-2017-15400: Restrict IPP Everywhere filters to only list supported PDLs
to fix CRLF and Code Injection in Printer Zeroconfig
-- Didier Raboud <email address hidden> Wed, 11 Jul 2018 11:29:27 +0200
-
cups (2.2.1-8+deb9u1) stretch; urgency=low
* CVE-2017-18190: Prevent an issue where remote attackers could execute
arbitrary IPP commands by sending POST requests to the CUPS daemon in
conjunction with DNS rebinding. This was caused by a whitelisted
"localhost.localdomain" entry.
-- Didier Raboud <email address hidden> Thu, 22 Feb 2018 17:51:44 +0100
-
cups (2.2.1-8) unstable; urgency=medium
[ JP Guillonneau ]
* French manpages translation update (Closes: #852662)
-- Didier Raboud <email address hidden> Tue, 31 Jan 2017 08:00:49 +0100
-
cups (2.2.1-6) unstable; urgency=medium
* Cherry-pick three more upstream fixes:
- Add a USB quirk rule for the Kyocera Ecosys P6026cdn (Issue #4900)
- Fix rastertopwg line offset bug (Issue #4942)
- Fix Russian localization bug (Issue #4946)
-- Didier Raboud <email address hidden> Wed, 18 Jan 2017 14:06:44 +0100
-
cups (2.2.1-4) unstable; urgency=medium
[ Didier Raboud ]
* Cleanup the cups debconf questions from 'parallel' leftovers
(Closes: #848718)
[ intrigeri ]
* AppArmor profile: support merged-/usr (Closes: #846868)
-- Didier Raboud <email address hidden> Tue, 20 Dec 2016 08:58:02 +0100
-
cups (2.2.1-2) unstable; urgency=medium
[ Helge Kreutzmann ]
* Several fixes to german manpages due to proofreading on
debian-l10n-german
-- Didier Raboud <email address hidden> Thu, 03 Nov 2016 09:26:32 +0100
-
cups (2.2.1-1) unstable; urgency=medium
* New 2.2.1 upstream release
- Updated man pages (PR #4885, Closes: #838854)
[ Helge Kreutzmann ]
* Update German man page
[ Didier Raboud ]
* Demote libcupsfilters{1,-dev} dependencies to recommends (Closes: #711697)
* Remove lsb Depends from cups, bump cups-daemon's to 3.2-14~
[ Helmut Grohne ]
* Fix FTCBFS (Closes: #837936)
- Build mantohtml with the build architecture compiler
- Do not execute genstrings during build
-- Didier Raboud <email address hidden> Wed, 05 Oct 2016 11:32:06 +0200
-
cups (2.2.0-2) unstable; urgency=medium
* Backport upstream patch to handle partial failures when connecting
(Closes: #838434)
-- Didier Raboud <email address hidden> Wed, 21 Sep 2016 09:30:58 +0200
-
cups (2.1.4-4) unstable; urgency=medium
* Patch a final lpstat call to really make the build reproducible when built
in italian
-- Didier Raboud <email address hidden> Mon, 11 Jul 2016 13:19:05 +0200
-
cups (2.1.4-1) unstable; urgency=medium
* New 2.1.4 upstream release
* Update debian/watch to check for new releases on GitHub
* Remove 3 patches backported from upstream, refresh some
* Refresh manpage translations
-- Didier Raboud <email address hidden> Fri, 17 Jun 2016 09:45:39 +0200
-
cups (2.1.3-6) unstable; urgency=medium
[ Till Kamppeter ]
* De-activate CUPS web interface when the files for it are not installed.
This allows for auto-shutdown on mobile device installations.
* Make CUPS with the Upstart support patch (Ubuntu-only) also build on
ubuntuBSD (LP: #1582002)
[ Helge Kreutzmann ]
* Update German translation
[ Didier Raboud ]
* Backport upstream-included patch to fix malformed device-id for printers
found by dnssd, thanks to Laurent Bigonville.
* Bump S-V to 3.9.8 without changes needed
* Drop duplicate 'using' word in libcups2's README.Debian
-- Didier Raboud <email address hidden> Wed, 08 Jun 2016 21:43:14 +0200
-
cups (2.1.3-5) unstable; urgency=medium
* Automatically generate debug package, B-D against debhelper >= 9.20160114
* Convert homepage and Vcs-Browser to https urls
* Drop the patch to allow auto-shutdown on idle with active web interface,
this induces a regression for web-interface users (Closes: #816490)
-- Didier Raboud <email address hidden> Fri, 25 Mar 2016 12:01:30 +0100
-
cups (2.1.3-4) unstable; urgency=medium
[ Till Kamppeter ]
* Quirk rule to make Lexmark C540n work (STR #4778)
* Quirk rule to make Xerox WorkCentre 3220 work (LP: #1406203, STR #4789)
-- Didier Raboud <email address hidden> Fri, 18 Mar 2016 15:24:54 +0100
-
cups (2.1.3-3) unstable; urgency=medium
* Install missing cups-snmp.8 manpage (Closes: #816316)
-- Didier Raboud <email address hidden> Mon, 29 Feb 2016 22:11:50 +0100
-
cups (2.1.3-2) unstable; urgency=medium
* Drop unused libslp-dev Build-Dependency (Closes: #815359)
* Bump Standards-Version to 3.9.7 without changes needed
-- Didier Raboud <email address hidden> Wed, 24 Feb 2016 13:55:29 +0100
-
cups (2.1.3-1) unstable; urgency=medium
* New 2.1.3 upstream release:
- /admin resource files (like config files of CUPS) were not served when
the web interface was disabled, breaking utilities like "cupsctl"
(CUPS STR #4755)
-- Didier Raboud <email address hidden> Sat, 13 Feb 2016 16:35:01 +0100
-
cups (2.1.2-2) unstable; urgency=medium
[ Till Kamppeter ]
* Add patch to avoid letting pending subscriptions prevent CUPS from
auto-shutdown when idle (CUPS STR#4754)
* Add patch to allow auto-shutdown when idle if the web interface is not
turned off in the CUPS configuration, the web interface is too important
(CUPS STR #4755)
[ Didier Raboud ]
* Remove libpng12-dev Build-Depends alternative to libpng-dev
(Closes: #810183)
-- Didier Raboud <email address hidden> Wed, 13 Jan 2016 16:21:31 +0100
-
cups (2.1.2-1) unstable; urgency=low
* New 2.1.2 upstream release
* Drop patches included upstream:
- usb-backend-fix-infinite-loop-when-usblp-module-attached.patch
- usb-backend-delayed-closing-for-old-laserjets.patch
- fix-ppd-file-load-for-ipp-printers.patch
Refresh 2 other patches
* Update Apple Inc. Copyright years in debian/copyright
-- Didier Raboud <email address hidden> Thu, 03 Dec 2015 21:25:48 +0100
-
cups (2.1.0-6) unstable; urgency=medium
[ Till Kamppeter ]
* Move /usr/lib/cups/daemom/cups-exec from the "cups" binary package to the
"cups-daemon" binary package as it is already needed for basic job
execution and therefore already in the level-1 (minimum) printing stack
(LP: #1509423)
-- Didier Raboud <email address hidden> Fri, 06 Nov 2015 17:09:44 +0100
-
cups (2.1.0-5) unstable; urgency=medium
[ Till Kamppeter ]
* Add upstream patch to fix cupsGetPPD* with IPP print queues
(CUPS STR #4725)
-- Didier Raboud <email address hidden> Wed, 21 Oct 2015 15:01:21 +0200
-
cups (2.1.0-4) unstable; urgency=medium
[ Till Kamppeter ]
* Corrected info header (author and Debian bug closure) of
usb-backend-fix-infinite-loop-when-usblp-module-attached.patch
* USB-backend: Added new quirk rules for delayed closing of the backend for
several older HP LaserJet printers (CUPS STR #4549)
[ Didier Raboud ]
* Add maintscript stanzas to properly remove the oopstops.{convs,types}
conffiles in /etc/cups that are not shipped since 1.3.10-3
(Closes: #799025)
-- Didier Raboud <email address hidden> Wed, 16 Sep 2015 19:00:13 +0200
-
cups (2.0.3-10) unstable; urgency=medium
* Backport upstream patches:
- Fix redirections from CGI scripts (STR: #4538)
- Fix the active jobs loop (STR: #4646)
-- Didier Raboud <email address hidden> Tue, 21 Jul 2015 16:15:03 +0200
-
cups (2.0.3-6) unstable; urgency=low
* Fix the 'which' calls, causing uninstallation error of cups-bsd
-- Didier Raboud <email address hidden> Tue, 07 Jul 2015 16:24:20 +0200
-
cups (1.7.5-12) unstable; urgency=high
* Import 1.7 upstream fix for CERT VU#810572: Privilege escalation through
dynamic linker and isolated vulnerabilities: STR: #4609, VU#810572
- CVE-2015-1158 - Improper Update of Reference Count
- CVE-2015-1159 - Cross-Site Scripting
-- Didier Raboud <email address hidden> Tue, 09 Jun 2015 09:33:29 +0200
-
cups (1.7.5-11) unstable; urgency=medium
* Backport upstream patch to fix cupsRasterReadPixels buffer overflow with
invalid page header and compressed raster data
(STR: #4551, Closes: #778387)
-- Didier Raboud <email address hidden> Mon, 16 Feb 2015 08:19:17 +0100
