-
cupsys (1.3.2-1ubuntu7.10) gutsy-security; urgency=low
* SECURITY UPDATE: fix integer overflow via large TIFF file
- debian/patches/83_CVE-2009-0163.dpatch: adjust CUPS_IMAGE_MAX_HEIGHT in
filter/image-private.h
- CVE-2009-0163
-- Jamie Strandboge <email address hidden> Wed, 15 Apr 2009 09:21:58 -0500
-
cupsys (1.3.2-1ubuntu7.9) gutsy-security; urgency=low
* SECURITY UPDATE: denial of service by adding a large number of RSS
subscriptions (LP: #298241)
- debian/patches/81_CVE-2008-5183.dpatch: gracefully handle MaxSubscriptions
being reached in scheduler/{ipp.c,subscriptions.c}.
- CVE-2008-5183
* SECURITY UPDATE: unauthorized access to RSS subscription functions in
web interface (LP: #298241)
- debian/patches/82_CVE-2008-5184.dpatch: make sure user is authenticated
in /cgi-bin/admin.c.
- CVE-2008-5184
* SECURITY UPDATE: arbitrary code execution via integer overflow from a PNG
image with a large height value
- This issue was introduced in the patch for CVE-2008-1722.
- debian/patches/77_CVE-2008-1722.dpatch: adjust patch to multiply img->xsize
instead of img->ysize so we don't overflow in filter/image-png.c.
- CVE-2008-5286
* SECURITY UPDATE: arbitrary file overwrite via temp log file symlink attack
- debian/filters/pstopdf: use the cleaned-up version from Debian.
- CVE-2008-5377
-- Marc Deslauriers <email address hidden> Thu, 08 Jan 2009 10:28:34 -0500
-
cupsys (1.3.2-1ubuntu7.8) gutsy-security; urgency=low
* SECURITY UPDATE: heap-based buffer overflow due to unchecked boundary in
the SGI filter
- debian/patches/78_CVE-2008-3639.dpatch: adjust filter/image-sgilib.c to
properly check for xsize. Taken from Debian patch by Martin Pitt.
- STR #2918
- CVE-2008-3639
* SECURITY UPDATE: integer overflow in texttops filter which could lead
to heap-based overflow
- debian/patches/79_CVE-2008-3640.dpatch: adjust textcommon.c and
texttops.c to check for too large or negative page metrics. Taken from
Debian patch by Martin Pitt.
- STR #2919
- CVE-2008-3640
* SECURITY UPDATE: buffer overflow in HPGL filter which could lead to
arbitrary code execution
- debian/patches/80_CVE-2008-3641.dpatch: adjust hpgl-attr.c to properly
check for an invalid number of pens. Also includes fix for regression in
orginal upstream patch which changed the color mapping and an off-by-one
loop error. Taken from Debian patch by Martin Pitt.
- STR #2911
- STR #2966
- CVE-2008-3641
-- Jamie Strandboge <email address hidden> Tue, 14 Oct 2008 13:49:34 -0500
-
cupsys (1.3.2-1ubuntu7.7) gutsy-security; urgency=low
* SECURITY UPDATE: Denial of service and possibly arbitrary code execution
* debian/patches/77_CVE-2008-1722.dpatch: fix for two integer overflows in
filter/image-png.c. Taken from Debian SVN Head.
* References
CVE-2008-1722
LP: #219491
http://www.cups.org/str.php?L2790
-- Jamie Strandboge <email address hidden> Wed, 23 Apr 2008 12:59:45 -0400
-
cupsys (1.3.2-1ubuntu7.6) gutsy-security; urgency=low
* debian/patches/72_CVE-2008-0047.dpatch: Fix buffer overflow in
cgiCompileSearch() using crafted search expressions. Exploitable if
printer sharing is enabled. Thanks to Martin Pitt for supplying the patch.
* debian/patches/73_CVE-2008-0882.dpatch: Fix double-free in
process_browse_data(), which could be exploited to a remote DoS by sending
crafted data to the cups UDP port. Thanks to Martin Pitt for supplying the
patch.
* debian/patches/74_pid.dpatch: Specify PidFile in temporary directory in
the self test's cupsd.conf. This affects the test suite (in the sense that
it actually works now) and does not affect the built binaries at all.
(Backported from trunk). Thanks to Martin Pitt for supplying the patch.
* debian/patches/75_CVE-2008-0053.dpatch: Fix buffer overflows in
ParseCommand() in hpgl-input.c by properly checking number of parameters
* debian/patches/76_CVE-2008-1373.dpatch: Fix buffer overflow in
gif_read_image() in image-gif.c by properly validating code_size
* References
CVE-2008-0047
CVE-2008-0882
CVE-2008-0053
CVE-2008-1373
http://www.cups.org/str.php?L2729
http://www.cups.org/str.php?L2656
-- Jamie Strandboge <email address hidden> Wed, 26 Mar 2008 10:56:23 -0400
-
cupsys (1.3.2-1ubuntu7.5) gutsy-proposed; urgency=low
* Add debian/patches/fix_regression_reactivate_net_ifaces_changes_detection.dpatch:
Fix a regression in upstream code that has removed the network interface
update poll, which caused sharing of local printers to not work for
interfaces which turned up after cups startup. (CUPS STR #2631,
LP: #177075).
cupsys (1.3.2-1ubuntu7.4) gutsy-proposed; urgency=low
[ Martin Pitt ]
* debian/local/apparmor-profile: Reapply changes of previous SRU which got
superseded by a security update:
- Allow rw access to /dev/parport* and ro access to
/proc/sys/dev/parport/**, so that parallel port printer detection works.
- Allow bluetooth socket creation to unbreak the bluetooth backend.
(LP: #147800)
- Permit reading /etc/pnm2ppa.conf. (LP: #155530)
- Only restrict backends which are shipped by cupsys itself (or known
packages like cups-pdf). All other backends remain unrestricted, since we
cannot predict which privileges they need. (LP: #152537)
[ Till Kamppeter ]
* debian/patches/cups-stops-broadcasting-on-HUP-with-explicit-BrowseAddress.dpatch:
- CUPS stopped broadcasting on a HUP signal when using a fixed
BrowseAddress (CUPS STR #2618, LP: #173470).
-- Hugues Fournier <email address hidden> Wed, 09 Jan 2008 17:12:19 +0100
-
cupsys (1.3.2-1ubuntu7.4) gutsy-proposed; urgency=low
[ Martin Pitt ]
* debian/local/apparmor-profile: Reapply changes of previous SRU which got
superseded by a security update:
- Allow rw access to /dev/parport* and ro access to
/proc/sys/dev/parport/**, so that parallel port printer detection works.
- Allow bluetooth socket creation to unbreak the bluetooth backend.
(LP: #147800)
- Permit reading /etc/pnm2ppa.conf. (LP: #155530)
- Only restrict backends which are shipped by cupsys itself (or known
packages like cups-pdf). All other backends remain unrestricted, since we
cannot predict which privileges they need. (LP: #152537)
[ Till Kamppeter ]
* debian/patches/cups-stops-broadcasting-on-HUP-with-explicit-BrowseAddress.dpatch:
- CUPS stopped broadcasting on a HUP signal when using a fixed
BrowseAddress (CUPS STR #2618, LP: #173470).
-- Martin Pitt <email address hidden> Wed, 09 Jan 2008 09:03:49 +0100
-
cupsys (1.3.2-1ubuntu7.3) gutsy-security; urgency=low
* SECURITY UPDATE: tempfile race, denial of service in SNMP backend.
* Add 70_CVE-2007-6358.dpatch, 71_CVE-2007-5849.dpatch: upstream fixes
thanks to Kenshi Muto.
* References
CVE-2007-6358
CVE-2007-5849
-- Kees Cook <email address hidden> Mon, 07 Jan 2008 16:08:28 -0800
-
cupsys (1.3.2-1ubuntu7.2) gutsy-proposed; urgency=low
* debian/local/apparmor-profile:
- Allow rw access to /dev/parport* and ro access to
/proc/sys/dev/parport/**, so that parallel port printer detection works.
- Allow bluetooth socket creation to unbreak the bluetooth backend.
(LP: #147800)
- Permit reading /etc/pnm2ppa.conf. (LP: #155530)
- Only restrict backends which are shipped by cupsys itself (or known
packages like cups-pdf). All other backends remain unrestricted, since we
cannot predict which privileges they need. (LP: #152537)
-- Martin Pitt <email address hidden> Mon, 03 Dec 2007 10:07:09 +0100
-
cupsys (1.3.2-1ubuntu7.1) gutsy-security; urgency=low
* SECURITY UPDATE: arbitrary code execution via stack overflow.
* Add debian/patches/ipptags-corruption-fix.dpatch: upstream fixes
from Michael Sweet.
* References
CVE-2007-4351
-- Kees Cook <email address hidden> Thu, 01 Nov 2007 06:52:01 -0700
-
cupsys (1.3.2-1ubuntu7) gutsy; urgency=low
* debian/cupsys.postinst: Drop ancient transitional code to remove root from
group lpadmin. Under very odd circumstances ("root" has the same UID than
the user) this could cause the user to be removed from group 'lpadmin'.
Quite unlikely that this is the prime reason for LP #134503, but it's much
cleaner in any case.
-- Martin Pitt <email address hidden> Mon, 15 Oct 2007 12:32:16 +0200
-
cupsys (1.3.2-1ubuntu6) gutsy; urgency=low
* debian/local/apparmor-profile: Allow 'm' (executable mmapping) of
/etc/shadow. This does not actually extend privileges since it is already
readable, and does not actually make sense, but some weird backends want
to do it nevertheless. (LP: #152061)
-- Martin Pitt <email address hidden> Sun, 14 Oct 2007 22:01:31 +0200
-
cupsys (1.3.2-1ubuntu5) gutsy; urgency=low
* Revert previous approach to symlinking of documentation directories, and
do it in a way that's more in line with the existing code in
debian/rules.
* debian/cupsys.docs: Remove duplicate files (LP: #149106).
* Make libcupsys2 replace the broken version of cupsys to help out people
who used dpkg --force-overwrite wrongly.
* Fix dh_compress arguments to cope with moved examples.
* debian/cupsys.preinst, debian/cupsys-common.preinst: Remove old
directories before unpack, since dpkg won't replace directories with
symlinks.
-- Colin Watson <email address hidden> Fri, 05 Oct 2007 02:46:34 +0100
-
cupsys (1.3.2-1ubuntu4) gutsy; urgency=low
* cupsys-common: Depend on libcupsys2.
* Symlink doc directories to avoid duplicate files.
-- Matthias Klose <email address hidden> Thu, 04 Oct 2007 17:45:31 +0200
-
cupsys (1.3.2-1ubuntu3) gutsy; urgency=low
* No-change upload of 1ubuntu1, to revert the 1ubuntu2 upload which should
never have happened.
-- Martin Pitt <email address hidden> Thu, 04 Oct 2007 13:42:28 +0200
-
cupsys (1.3.2-1ubuntu2) gutsy; urgency=low
* debian/local/apparmor-profile: Allow cups-pdf to write into ~/Desktop
so that ~/Desktop can be used as default destination for the PDFs created
by cups-pdf. The old destination ~/PDF is still allowed to simplify package
updates.
-- Till Kamppeter <email address hidden> Wed, 4 Oct 2007 17:01:06 +0100
-
cupsys (1.3.2-1ubuntu1) gutsy; urgency=low
* Merge from Debian to get new upstream bug fix microrelease. (LP: #140877)
* Removed debian/patches/fix_auto_rotate_images.dpatch: Fixed upstream
(although slightly differently).
* debian/local/apparmor-profile: Allow 'm' access to /etc/{passwd,group}.
Apparently some backends want it that way. (part of LP #139665)
* debian/local/apparmor-profile: Add forgotten /usr/lib/cups/cgi-bin/* rule
to unbreak the web interface (regression from 1.3.0-4ubuntu2).
cupsys (1.3.2-1) unstable; urgency=low
* New upstream bug fix release.
- Fixes web interface for many browsers. (STR#2472, Closes: #440589)
* Remove str2488-fix-localedir.dpatch, str2505_localize.dpatch,
str2508-dont_kill_edit-config.tmpl.dpatch: Fixed upstream.
-- Martin Pitt <email address hidden> Wed, 19 Sep 2007 08:39:59 +0200
-
cupsys (1.3.0-4ubuntu4) gutsy; urgency=low
[ Martin Pitt ]
* debian/local/apparmor-profile: Allow cups-pdf to read /etc/papersize.
[ Till Kamppeter ]
* debian/patches/fix_auto_rotate_images.dpatch: Fix auto-rotation for best
fit of images on the paper (CUPS STRs #2502 and #2513).
-- Martin Pitt <email address hidden> Wed, 12 Sep 2007 19:06:02 +0200
-
cupsys (1.3.0-4ubuntu3) gutsy; urgency=low
* debian/local/apparmor-profile: Use abstraction tunable variables for
/proc and /home.
-- Kees Cook <email address hidden> Wed, 12 Sep 2007 22:07:50 -0700
-
cupsys (1.3.0-4ubuntu2) gutsy; urgency=low
* debian/local/apparmor-profile: #139105 was not a bug after all, but rather
a misunderstood concept of AppArmor. Change the profile to allow
unrestricted execution of filters, which are always run as unprivileged
system user anyway. This should unbreak most third-party printer drivers.
-- Martin Pitt <email address hidden> Wed, 12 Sep 2007 19:02:43 +0200
-
cupsys (1.3.0-4ubuntu1) gutsy; urgency=low
* Merge bugfixes from Debian.
* debian/local/apparmor-profile: Append slashes to directory names, since
AppArmor 2.1 wants it that way.
* debian/local/apparmor-profile: Open up the profile for third-party printer
drivers (like Turboprint, and other stuff in /usr/local/). This requires
opening up the profile much more than necessary, due to AppArmor bug
#139105. (LP: #133818)
cupsys (1.3.0-4) unstable; urgency=low
* Install PO files again, but this time under /usr/share/cups/locale. cups
has its own crazy PO file parser.
* Add debian/patches/str2488-fix-localedir.dpatch: Make the --localedir
configure option actually work (taken from upstream SVN, STR#2488)
* debian/rules: Add --enable-gssapi to ensure that the package is built with
Kerberos support.
* debian/rules: Use -Wl,--as-needed linker flag. This drops a few
unnecessary dependencies and should make checklib much happier.
* Add debian/patches/str2508-dont_kill_edit-config.tmpl.dpatch: Do not kill
edit-config.tmpl on distclean. Forwarded upstream as STR#2508.
(Closes: #441697)
* Add debian/patches/str2505_localize.dpatch: Fix localization of web
interface (STR#2505, Closes: #440256)
-- Martin Pitt <email address hidden> Wed, 12 Sep 2007 15:34:13 +0200
-
cupsys (1.3.0-3ubuntu1) gutsy; urgency=low
* Merge bugfixes from Debian.
* debian/local/apparmor-profile: Allow dac_override for now; this is
slightly nasty, but cups chowns a lot of files (e. g. in
/var/spool/cups/tmp) to 'lp' and thus cannot read/write them any more
afterwards. Since we confine file access pretty tightly, this should not
be much of a problem. (LP: #133015)
* debian/local/apparmor-profile: cupsd should manage /etc/printcap.
(LP: #132969)
cupsys (1.3.0-3) unstable; urgency=low
[ Martin Pitt ]
* debian/control: Allow 'ghostscript' as alternative dependency to gs-esp.
* debian/cupsys.dirs: Create /usr/lib/cups/backend/ (regression from the big
debian/rules cleanup). (closes: #438432)
* debian/cupsys.preinst: Bump the version comparison for the file owner
cleanup, since some log files were still left as owned by 'cupsys' until
#437536 was fixed.
* debian/cupsys-common.files: Do not install the .po files, cups does not
use them at runtime. (closes: #438625)
[ Till Kamppeter ]
* debian/local/postscript.ppd: New generic PostScript PPD file for
unknown PostScript printers added.
-- Martin Pitt <email address hidden> Tue, 21 Aug 2007 07:48:34 +0200
-
cupsys (1.3.0-2ubuntu2) gutsy; urgency=low
* debian/local/postscript.ppd: New generic PostScript PPD file for
unknown PostScript printers added.
-- Till Kamppeter <email address hidden> Thu, 16 Aug 2007 18:01:06 +0100
-
cupsys (1.3.0-2ubuntu1) gutsy; urgency=low
* Merge from debian unstable, remaining changes:
- TearDown (fast shutdown):
+ debian/control: Add sysv-rc (>= 2.86.ds1-14.1ubuntu2) dependency.
+ debian/rules: Use 'multiuser' update-rc.d mode.
- debian/control, debian/rules: Drop cupsys-dbg package.
- debian/cupsys.postinst: Various transitions that need to be kept until
the next LTS:
+ Auto-enable snmp, scsi, and serial backends on upgrade.
+ Revert to single cupsd.conf file.
+ Remove obsolete rc.d links.
- debian/patches/ubuntu-default-error-policy-retry-job.dpatch: Retry a
failed job instead of stopping the print queue.
- debian/patches/ubuntu-disable-browsing.dpatch: Disable browsing by
default.
- Add AppArmor profile:
+ debian/local/apparmor-profile
+ debian/cupsys.postinst: Reload AA profile on configuration.
cupsys (1.3.0-2) unstable; urgency=low
* debian/control: Re-add erroneously dropped adduser dependencies to cupsys
and cupsys-client. Still needed for addgroup lpadmin. (closes: #437951)
* debian/control: Add missing libkrb5-dev dependency to libcupsys2-dev.
cupsys (1.3.0-1) unstable; urgency=low
[ Till Kamppeter ]
* New upstream release (first release of 1.3.x generation)
* 90_include_krb5_h_in_job_h.dpatch: Added a missing "#include <krb5.h>" to
the scheduler/job.h file (upstream bug).
* Regenerated patches: 44_fixconfdirperms.dpatch, 47_pid.dpatch,
70_reactivate_recommended_driver.dpatch.
* Removed patches (fixed upstream): 53_usr_share_ppd_support.dpatch,
55_ppd_okidata_name.dpatch, 68_edit-config.dpatch
* debian/control: Added "libkrb5-dev", and "libavahi-compat-libdnssd-dev"
to the build dependencies, so that the new Kerberos and DNS Service
Discovery support of CUPS gets compiled.
* debian/libcupsys2-dev.files: Removed /usr/include/cups/md5.h This file is
not provided any more by CUPS
* debian/cupsys.install, debian/cupsys-client.files: Added new files.
* debian/rules: Added more files to "clean::" rule which upstream has
forgotten in "make clean".
[ Martin Pitt ]
* Bump library shlibs to >= 1.3.0.
* Drop 02_configure.dpatch, upstream configure does not set rpath any more
for prefix=/usr.
* Drop 54_cups-config_modeldir.dpatch, --modeldir was never actually used
anywhere and not documented, and LSB prescribes /usr/share/ppd/ anyway.
* Drop 56_dirsvc.dpatch, which was fixed upstream long ago and disabled in
00list anyway since then.
* Drop 67_printcap.dpatch: /var/run/cups/printcap is now the implicit
default upstream.
* debian/patches: Drop number prefixes from patches. The enumeration is not
useful at all any more since it both got inflated and is not sorted by any
category. With dpatch we also do not need number prefixes.
-- Martin Pitt <email address hidden> Wed, 15 Aug 2007 09:39:08 +0200
-
cupsys (1.3.0-0ubuntu1) gutsy; urgency=low
[ Till Kamppeter ]
* New upstream release (first release of 1.3.x generation)
* 90_include_krb5_h_in_job_h.dpatch: Added a missing "#include <krb5.h>" to
the scheduler/job.h file (upstream bug).
* Regenerated patches: 44_fixconfdirperms.dpatch, 47_pid.dpatch,
70_reactivate_recommended_driver.dpatch, ubuntu-disable-browsing.dpatch,
ubuntu-default-error-policy-retry-job.dpatch
* Removed patches (fixed upstream): 53_usr_share_ppd_support.dpatch,
55_ppd_okidata_name.dpatch, 68_edit-config.dpatch
* debian/control: Added "libkrb5-dev", and "libavahi-compat-libdnssd-dev"
to the build dependencies, so that the new Kerberos and DNS Service
Discovery support of CUPS gets compiled.
* debian/libcupsys2-dev.files: Removed /usr/include/cups/md5.h This file is
not provided any more by CUPS
* debian/cupsys.install, debian/cupsys-client.files: Added new files.
* debian/rules: Added more files to "clean::" rule which upstream has
forgotten in "make clean".
[ Martin Pitt ]
* debian/local/apparmor-profile: Some more updates to work with third-party
printer drivers (also under /opt).
* Bump library shlibs to >= 1.3.0.
-- Martin Pitt <email address hidden> Tue, 14 Aug 2007 20:00:00 +0200
-
cupsys (1.2.12-3ubuntu3) gutsy; urgency=low
* debian/local/apparmor-profile: Allow unrestricted access to hplip. This
has not been confined before and unbreaks hplip until we get an actual
profile for it. (LP: #131470)
-- Martin Pitt <email address hidden> Tue, 14 Aug 2007 17:08:50 +0200
-
cupsys (1.2.12-3ubuntu2) gutsy; urgency=low
* cupsys.logrotate: Fix last occurence of 'cupsys' user.
* Moved all Debian specific filters to debian/local/filters.
* Cleaned up debian/rules, moved some file installs to
debian/cupsys.install.
* Merge debian/cupsys.files into debian/cupsys.install and remove the
former. Two different files are just too confusing.
* debian/local/filters/pdftops: Do not pass /etc/cups/pdftops.conf to
pdftops if it does not exist (poppler-utils does not have this file).
(LP: #125300)
* debian/local/apparmor-profile: Unbreak library access (for e. g.
ghostscript and gutenprint) and allow execution of pdftops and pstops.
* debian/local/apparmor-profile: Update profile to work with cups-pdf.
-- Martin Pitt <email address hidden> Sat, 11 Aug 2007 16:44:13 +0200
-
cupsys (1.2.12-3ubuntu1) gutsy; urgency=low
* Merge latest fixes from Debian unstable. (LP: #29050)
* debian/local/apparmor-profile:
- Use abstractions/authentication and drop the passwd/shadow/pam rules.
- Drop the redundant "/usr/lib/** mr" rule (already in 'base').
- Enforce by default, so that we get actual protection.
-- Martin Pitt <email address hidden> Thu, 09 Aug 2007 21:16:34 +0200
-
cupsys (1.2.12-2ubuntu2) gutsy; urgency=low
* cupsys.init.d: Remove stray chown'ing to 'cupsys' which does not exist any
more.'
-- Martin Pitt <email address hidden> Wed, 08 Aug 2007 12:56:01 +0200
-
cupsys (1.2.12-2ubuntu1) gutsy; urgency=low
* Merge from debian unstable, remaining changes:
- TearDown (fast shutdown):
+ debian/control: Add sysv-rc (>= 2.86.ds1-14.1ubuntu2) dependency.
+ debian/rules: Use 'multiuser' update-rc.d mode.
- debian/control, debian/rules: Drop cupsys-dbg package.
- debian/cupsys.postinst: Various transitions that need to be kept until
the next LTS:
+ Auto-enable snmp, scsi, and serial backends on upgrade.
+ Revert to single cupsd.conf file.
+ Remove obsolete rc.d links.
- debian/patches/ubuntu-default-error-policy-retry-job.dpatch: Retry a
failed job instead of stopping the print queue.
- debian/patches/ubuntu-disable-browsing.dpatch: Disable browsing by
default.
- Add AppArmor profile:
+ debian/local/apparmor-profile
+ debian/cupsys.postinst: Reload AA profile on configuration.
cupsys (1.2.12-2) unstable; urgency=low
[ Kenshi Muto ]
* Added scripting directory to /usr/share/doc/cupsys/examples.
This directory contains the binding code from Java, Perl, and PHP
to CUPS. (closes: #193076)
Although we Debian CUPS team cannot afford to maintain them,
some of you may want them.
* Added 'Recommends: cupsys' to cupsys-bsd. (closes: #426521)
* Changed cupsys-client from 'Recommends: cupsys-bsd' to 'Suggests:
cupsys-bsd.' because cupsys-bsd isn't so necessary for cupsys-client.
* Fixed to use 'cupsys' instead of 'cups' for PAM on cups-check-pam-auth.
(though Debian CUPS doesn't use this daemon) (closes: #425701)
* Added debconf-2.0 to the dependency of cupsys-bsd. (closes: #415684)
[ Martin Pitt ]
* Drop the derooting changes. It still has some regressions, and with
upstream not even acknowledging the need for improving cupsys' security we
will sit on this forever. This will be replaced by an AppArmor/SELinux
profiles in the future.
- Drop derooting related patches:
06_disable_backend_setuid.dpatch
10_external_pam_helper.dpatch
09_runasuser.dpatch
09_runasuser_autoconf.dpatch
- debian/cupsys{,-client}.postinst: Drop the 'cupsys' user setup and file
permission juggling.
- debian/rules:
+ Drop --with-cups-user configure option.
+ Do not modify the upstream default backend permissions.
- debian/cupsys.init.d: Do not touch log file permissions any more.
- debian/cupsys.files: Drop cups-check-pam-auth.
- debian/NEWS: Drop description of derooting changes.
- debian/control: Drop adduser dependency.
* debian/patches/44_fixconfdirperms.dpatch: Do not create
/var/run/cups/certs as lp:lpadmin, but as root:lpadmin, so that cupsd
does not need CAP_DAC_OVERRIDE. This will make it possible to create a
sensible AppArmor/SELinux profile.
* debian/cupsys.preinst: Fix file permissions on upgrades (owner cupsys ->
root).
* debian/control, debian/rules: Remove references to libcupsys2-gnutls10,
since it's a transitional package in Etch and not relevant any more in
Lenny.
* debian/cupsys.{pre,post}inst: Remove obsolete transition bits.
* Remove obsolete debian/patches/05_avoidunknowngroup.dpatch.
* Use ssl-cert's "snakeoil" SSL certificate by default: (Closes: #402370)
- debian/control: Add ssl-cert dependency.
- debian/cupsys.postinst: Symlink snakeoil SSL certificate if present, and
there is none present yet.
* debian/control: Replace obsolete ${Source-Version} with ${binary:Version}.
[ Till Kamppeter ]
* Add debian/local/textonly.{ppd,filter}: Text-only printer driver from Red
Hat. Install it in debian/rules.
* debian/rules: Install the D-Bus config file so that CUPS reports
job progress to dbus clients (like sytem-config-printer).
* Add debian/local/oopstops.{.pl,types,convs}: Helge Bliscke's oopstops
filter to work around the bugs in the PostScript output of OpenOffice.org
(from http://www.srz.de/Members/bla/cups/filter/oopstops). Install them in
debian/rules.
-- Martin Pitt <email address hidden> Mon, 06 Aug 2007 16:24:49 +0200
-
cupsys (1.2.12-1ubuntu3) gutsy; urgency=low
* debian/rules: Install the D-Bus config file so that CUPS reports
job progress to the applet of sytem-config-printer
* debian/rules, devian/textonly.ppd, debian/textonly.filter: Added text-only
printer driver from Red Hat.
-- Till Kamppeter <email address hidden> Sun, 5 Aug 2007 20:22:06 +0100
-
cupsys (1.2.12-1ubuntu2) gutsy; urgency=low
* Drop our derooting changes. It still has some regressions, and with
upstream not even acknowledging the need for improving cupsys' security we
will sit on this forever. (LP: #119289, LP: #129634)
- Drop derooting related patches:
06_disable_backend_setuid.dpatch
10_external_pam_helper.dpatch
09_runasuser.dpatch
09_runasuser_autoconf.dpatch
- debian/cupsys{,-client}.postinst: Drop the 'cupsys' user setup and file
permission juggling.
- debian/rules:
+ Drop --with-cups-user and --enable-privilege-dropping configure
options.
+ Do not modify the upstream default backend permissions.
- debian/cupsys.init.d: Do not touch log file permissions any more.
- debian/cupsys.files: Drop cups-check-pam-auth.
- debian/NEWS: Drop description of derooting changes.
- debian/control: Drop adduser dependency.
* debian/patches/44_fixconfdirperms.dpatch: Do not create
/var/run/cups/certs as lp:lpadmin, but as root:lpadmin, so that cupsd
does not need CAP_DAC_OVERRIDE. This will make it possible to create a
sensible AppArmor profile.
* debian/cupsys.preinst: Fix file permissions on upgrades (owner cupsys ->
root).
* Add debian/local/apparmor-profile: AppArmor profile for cupsys, to replace
the former derooting patches. This uses complain mode for now, until we
got some more testing. Install it to /etc/apparmor.d/usr.sbin.cupsd in
debian/rules and reload apparmor in debian/cupsys.postinst on configure.
-- Martin Pitt <email address hidden> Thu, 02 Aug 2007 14:06:05 +0200
-
cupsys (1.2.12-1ubuntu1) gutsy; urgency=low
* Merge to Debian's svn head to get upstream fixes.
* debian/patches/10_external_pam_helper.dpatch: Close pipes in the case of
errors, too. This can not really be responsible for the mess in #112803,
but should be fixed anyway.
cupsys (1.2.12-2) UNRELEASED; urgency=low
[ Kenshi Muto ]
* Added scripting directory to /usr/share/doc/cupsys/examples.
This directory contains the binding code from Java, Perl, and PHP
to CUPS.
Although we Debian CUPS team cannot afford to maintain them,
some of you may want them.
* Added 'Recommends: cupsys' to cupsys-bsd. (closes: #426521)
* Changed cupsys-client from 'Recommends: cupsys-bsd' to 'Suggests:
cupsys-bsd.' because cupsys-bsd isn't so necessary for cupsys-client.
** Well, is it time to separate cupsys and cupsys-bin? (#233339) **
cupsys (1.2.12-1) unstable; urgency=low
* New upstream release
* removed unnecessary dependency against patch package (Closes: #431069)
* Debconf translation
- Danish (Closes: #426772)
- Vietnamese (Closes: #426822)
- Spanish (Closes: #430004)
* Disabled external_pam_helper due to #425944 and Ubuntu#112803.
(closes: #425944)
-- Martin Pitt <email address hidden> Mon, 16 Jul 2007 15:58:08 +0200
-
cupsys (1.2.11-2ubuntu2) gutsy; urgency=low
* debian/oopstops*, debian/rules: Added Helge Bliscke's
oopstops filter to work around the bugs in the PostScript output of
OpenOffice.org (from http://www.srz.de/Members/bla/cups/filter/oopstops).
-- Till Kamppeter <email address hidden> Mon, 4 Jun 2007 11:22:06 +0100
-
cupsys (1.2.11-2ubuntu1) gutsy; urgency=low
* Merge ipp fix from Debian unstable.
cupsys (1.2.11-2) unstable; urgency=low
* debian/rules: Latest cups installs the ipp backend with 0700 permissions,
which makes it inaccessible to both the cups daemon (Closes: #423972) and
unreadable for users (Closes: #415872)
-- Martin Pitt <email address hidden> Wed, 16 May 2007 09:16:33 +0200
-
cupsys (1.2.11-1ubuntu1) gutsy; urgency=low
* Synchronize to Debian; remaining Ubuntu changes:
- Snakeoil SSL cert support:
+ debian/control: Add ssl-cert dependency.
+ debian/cupsys.postinst: Symlink snakeoil SSL certificate if present.
+ debian/cupsys.preinst: Fix global SSL certificate owner/mode breakage
(see 1.2.1-2ubuntu2); this needs to be kept until the next LTS
release.
- TearDown (fast shutdown):
+ debian/control: Add sysv-rc (>= 2.86.ds1-14.1ubuntu2) dependency.
+ debian/cupsys.postinst: Remove obsolete rc.d links.
+ debian/rules: Use 'multiuser' update-rc.d mode.
- debian/control: Drop cupsys-dbg.
- debian/cupsys.{config,postinst}: Transition to enable additional
backends on upgrades. Needs to be kept until next LTS release.
- debian/patches/ubuntu-default-error-policy-retry-job.dpatch: Retry a
failed job instead of stopping the print queue.
- debian/patches/ubuntu-disable-browsing.dpatch: Disable browsing by
default.
* Drop patches which are upstream now:
- 80_brother_no_backchannel.dpatch
- 92_texttops-prettyprint-crash.dpatch
- 94_doc-port-in-client-conf.dpatch
- 96_more-bug-fixes-between-cups-1.2.8-1.2.9.dpatch
- 90_testpage-on-large-paper-sizes.dpatch
cupsys (1.2.11-1) unstable; urgency=low
[ Kenshi Muto ]
* Applied templates improvement patch contributed by
debian-l10n-english team. (closes: #416350)
* Debconf translation
- Japanese
- Galician (closes: #416357)
- Swedish (closes: #416356)
- Catalan (closes: #416367)
- Basque (closes: #416385)
- Norwegian (closes: #416401)
- Italian (closes: #416407)
* New upstream version 1.2.11:
- 56_dirsvc patch is merged.
[ Christian Perrier ]
* Debconf translation
- Czech (closes: #416939)
- German (closes: #416994)
- Brazilian Portuguese (closes: #417249)
- French
- Malayalam. (closes: #418030)
- Russian. (closes: #417874)
- Dutch. (closes: #418135)
- Portuguese (closes: #418299)
[ Martin Pitt ]
* New upstream bugfix release (closes: #421899).
Synchronize patches with Ubuntu and new upstream version 1.2.10:
* Drop patches which are fixed upstream:
00_00str2111.dpatch, 00_01str2137.dpatch, 00_02str2144.dpatch,
00_03str2106.dpatch, 00_04str2117.dpatch, 00_05str2133.dpatch,
00_06str2121.dpatch, 00_07str2123.dpatch, 00_08str2135.dpatch,
00_09str2198.dpatch, 03_clean.dpatch, 65_detect_http_shutdown.dpatch
* Remove a few obsolete patches:
08_cupsd.conf.conf.d.dpatch, 26_modprobe.dpatch, 48_stdlib.dpatch,
61_job_c_strangeloop.dpatch, 08_cupsd.conf.conf.d.dpatch,
64_driverfolder.dpatch.
* Add debian/patches/14_dont_force_ssl.dpatch: Do not require SSL for /admin
pages, since gnome-cups-manager (and most probably other GUI frontends)
does not support this.
* Add debian/patches/58_cupsd.conf-AllowLocal.dpatch: Allow access to local
ethernet by default. This just affects the ACL, for actually enabling
access cupsd needs to be switched to not only listen on localhost. With
that, this setting does not need to be configured in two different places.
* Add debian/patches/70_reactivate_recommended_driver.dpatch: Upstream CUPS
filters the "(recommended)" marking from the NickNames of the PPD files
when listing PPDs. These are an important orientation for the user and
they are also made use of by some printer setup tools. We need them at
least until a better solution for recommending drivers gets available.
* Add debian/patches/98_search_mime_files_in_usr_share.dpatch: Let CUPS also
search for *.types and *.convs files in /usr/share/cups/mime. This way
packages can provide *.types and *.convs files which do not get considered
as conffiles. (See https://launchpad.net/36532 for details).
* debian/patches/*.dpatch: Forwarded a lot of patches to upstream bug
tracker, add STR URLs to dpatch DP: headers.
Synchronize packaging with Ubuntu:
* debian/control: Drop transitional libcupsys2-gnutls10 package, it was only
required for Sarge->Etch upgrades.
* debian/control: Change netbase dependency to update-inetd, since that
lives in its own package now.
* debian/local/enable_sharing: Also match on 127.0.0.1 IP adresses in
addition to 'localhost'.
* debian/rules: Most of the clean:: rule is obsolete, only two files are
left behind now. These two have been reported upstream in
http://www.cups.org/str.php?L2366.
* debian/cupsys.templates: Activate SCSI, serial, and SNMP backends by
default. With these backends activated, many printers can be easily set up
with the printer setup tools. Especially network printers get
auto-detected and the correct URI gets assigned to them (doing this
manually is a non-trivial task for most users).
* debian/cupsys.dirs: Add /usr/share/ppd/custom/, a place where lpadmins can
store additional PPDs (this functionality is e. g. provided in
gnome-cups-manager's "Custom driver..." file dialog).
* debian/cupsys.init.d: Give proper permissions to /usr/share/ppd/custom/:
root:lpadmin 3775. Drop the obsolete chmod/chowning of
/usr/share/cups/model.
* Run the backend as non-root system user to confine the impact of security
vulnerabilities:
- Add debian/patches/10_external_pam_helper.dpatch:
+ Add a helper program 'cups-check-pam-auth' which performs PAM
authentication and returns the status as exit code.
+ scheduler/auth.c, cupsdAuthorize(): Attempt to use
cups-check-pam-auth before trying native PAM.
+ With this we do not need to put the cupsys user into the shadow group.
- debian/cupsys.files: Install PAM helper.
- debian/cupsys.postinst: Set permissions of PAM helper to cupsys:shadow
2754, alter permissions of some configuration files and directories to
work with non-root cupsd.
- debian/cupsys.postinst: Fix /var/cache/cups/ permissions for upgrades
which might have written cache files as root.
- debian/cupsys.logrotate: Save log files as cupsys:lpadmin.
- debian/cupsys.init.d: Disable 'reload'; change force-reload to restart,
since cupsd cannot reload as non-root.
- debian/cupsys.init.d: Set up proper permissions of log files.
- debian/rules: Enable --enable-privilege-dropping configure option.
- debian/rules: Install lpd backend suid root, so that it can bind to
ports < 1024 (really silly, but required for RFC compliance).
- debian/cupsys-client.postinst, debian/cupsys.postinst: Set up cupsys
system user.
* debian/NEWS: Describe derooting.
-- Martin Pitt <email address hidden> Mon, 14 May 2007 11:07:42 +0200
-
cupsys (1.2.8-0ubuntu8) feisty; urgency=low
* debian/cupsys.postinst: Clean up the mess which cupsys_1.2.8-0ubuntu3 and
later caused by activating all the CUPS backends (closes: LP#92042).
* debian/cupsys.postinst, debian/rules: Removed directories /opt/share/ppd
and /usr/local/share/ppd. LSB 3.2 will only require /usr/share/ppd
(PPD files and directories at other places should be symlinked to here)
to not conflict with FHS (closes: LP#94353).
-- Till Kamppeter <email address hidden> Tue, 3 Apr 2007 17:22:06 +0100
