Change log for cupsys package in Ubuntu

cupsys (1.1.20final+cvs20040330-4ubuntu16.10) warty-security; urgency=low


  * SECURITY UPDATE: Multiple integer/buffer overflows.
  * Add debian/patches/46CVE-2005-3624_5_7.patch:
  * pdftops/Stream.cxx, CCITTFaxStream::CCITTFaxStream():
    - Check columns for negative or large values.
    - CVE-2005-3624
  * pdftops/Stream.cxx, numComps checks introduced in CVE-2005-3191 patch:
    - Reset numComps to 0 since it's a global variable that is used later.
    - CVE-2005-3627
  * pdftops/Stream.cxx, DCTStream::readHuffmanTables():
    - Fix out of bounds array access in Huffman tables.
    - CVE-2005-3627
  * pdftops/Stream.cxx, DCTStream::readMarker():
    - Check for EOF in while loop to prevent endless loops.
    - CVE-2005-3625
  * pdftops/JBIG2Stream.cxx, JBIG2Bitmap::JBIG2Bitmap(), JBIG2Bitmap::expand(),
    JBIG2Stream::readHalftoneRegionSeg():
    - Check user supplied width and height against invalid values.
    - Allocate one extra byte to prevent out of bounds access in combine().

 -- Martin Pitt <email address hidden>  Thu,  5 Jan 2006 14:38:17 +0100

cupsys (1.1.99.b1.r4841-1ubuntu5) dapper; urgency=low


  * Synchronize to Debian's svn head to get the various configuration handling
    RC bug fixes, but keep Ubuntu upstream version at r4841 since 4885 has
    serious regressions.
  * All non-Ubuntu specific patches have been applied in Debian now.
  * Drop the following patches (accepted in Debian):
    - ubuntu-sanitize-conffile-handling.dpatch
    - ubuntu-localports.dpatch
    - ubuntu-include-conf.d.dpatch
    - ubuntu-nowebadmin.dpatch
    - ubuntu-cupsimage.dpatch
  * ubuntu-runasuser.dpatch: Remove the upstream code fixes (already in Debian
    now), just add the 'RunAsUser' directive to cupsd.conf.
  * debian/cupsys.templates: Disable browsing by default.

 -- Martin Pitt <email address hidden>  Thu, 22 Dec 2005 15:08:51 +0100

cupsys (1.1.99.b1.r4841-1ubuntu4) dapper; urgency=low


  * Move forcefully killing of cupsd when start-stop-daemon fails from
    postinst to init script, where it belongs to. Do not kill all running
    cupsd processes, but only the one in the pid file.

 -- Martin Pitt <email address hidden>  Wed, 14 Dec 2005 11:07:04 +0100

cupsys (1.1.23-10ubuntu4) breezy; urgency=low


  * Add debian/patches/ubuntu-disable-conffile-chmod.dpatch:
    - Stop fiddling with the /etc/cups/cupsd.conf permissions at server
      startup. The default permissions as shipped (root:root 0644) are just
      fine for that file, and cupsys modifies it in a way that normal users
      cannot read them any more, which breaks gnome-cups-manager.
    - Ubuntu #15165
  * debian/cupsys.postinst:
    - If the package is upgraded from a version earlier than this one, correct
      permissions of cupsd.conf.

 -- Martin Pitt <email address hidden>  Wed, 14 Sep 2005 14:52:13 +0200

cupsys (1.1.23-1ubuntu12) hoary; urgency=low


  * debian/cupsys.init.d:
    - Make the start-stop-daemon invocation in restart use the schedule
      syntax (--retry TERM/10) to keep trying to kill cupsd for 10
      seconds before it gives up.  If it does fail, restart now fails
      gracefully, rather than bringing down the shell. (Ubuntu #7847)
    - Make the same changes to the stop target for consistency.

 -- Adam Conrad <adconrad@0c3.net>  Tue, 22 Mar 2005 03:40:51 +0000

cupsys (1.1.20final+cvs20040330-4ubuntu16.9) warty-security; urgency=low


  * SECURITY UPDATE: Multiple integer/buffer overflows.
  * Add debian/patches/45CVE-2005-3191_2.patch:
  * pdftops/Stream.cxx, DCTStream::readBaselineSOF(),
    DCTStream::readProgressiveSOF(), DCTStream::readScanInfo():
    - Check numComps for invalid values.
    - http://www.idefense.com/application/poi/display?id=342&type=vulnerabilities
    - CVE-2005-3191
  * pdftops/Stream.cxx, StreamPredictor::StreamPredictor():
    - Check rowBytes for invalid values.
    - http://www.idefense.com/application/poi/display?id=344&type=vulnerabilities
    - CVE-2005-3192
  * Note: This embedded xpdf version does not support JPX, thus is not
    vulnerable against CVE-2005-3193.

 -- Martin Pitt <email address hidden>  Mon, 12 Dec 2005 11:21:30 +0100

cupsys (1.1.20final+cvs20040330-4ubuntu16) warty; urgency=low


  * cupsys.init.d: do not exit the script if chmod/chown of the printer driver
    directory fails; route error message to /dev/null. This allows to have a
    read-only /usr partition. (Warty bug #2496)

 -- Martin Pitt <email address hidden>  Mon, 18 Oct 2004 19:35:09 +0200