-
foomatic-filters (4.0.16-0ubuntu0.4) precise-security; urgency=medium
* SECURITY UPDATE: code execution via improper escaping in foomatic-rip
- debian/patches/CVE-2015-8560.patch: add semicolon to list of shell
escape characters in util.c.
- CVE-2015-8560
-- Marc Deslauriers <email address hidden> Wed, 16 Dec 2015 08:14:06 -0500
-
foomatic-filters (4.0.16-0ubuntu0.3) precise-security; urgency=medium
* SECURITY UPDATE: code execution via improper escaping in foomatic-rip
- debian/patches/CVE-2015-8327.patch: add backtick to list of shell
escape characters in util.c.
- CVE-2015-8327
-- Marc Deslauriers <email address hidden> Thu, 03 Dec 2015 09:05:08 -0500
-
foomatic-filters (4.0.16-0ubuntu0.2) precise-proposed; urgency=low
* debian/patches/path_max_65536.patch: Raised length of fixed-length strings
for CUPS filter calls to 65536 bytes, to assure that the filter command
lines get built correctly also with very many command line options
(LP: #1019662).
-- Till Kamppeter <email address hidden> Mon, 2 Jul 2012 18:27:03 +0200
-
foomatic-filters (4.0.16-0ubuntu0.1) precise-proposed; urgency=low
* New upstream release
- Fixes LP: #1002699.
- Fixed off-by-one bug which has cut off the last character of the
option string for CUPS (5th command line argument) and so made the
last option setting not being applied.
- Fixed wrong access to command line option list which prevented the
command line options being passed on to the pdftops CUPS filter
when incoming PDF is converted to PostScript.
-- Till Kamppeter <email address hidden> Mon, 18 Jun 2012 21:37:03 +0200
-
foomatic-filters (4.0.15-0ubuntu1) precise; urgency=low
* New upstream release
- Improved check whether a driver works with PDF input data:
Do not take into account bogus options which appear due to bugs in
PPD files (type is TYPE_NONE) or composite options and in addition
add debug output to show the reason for the decision to convert to
PostScript (LP: #953962).
foomatic-filters (4.0.14-1) unstable; urgency=low
[ Till Kamppeter ]
* New upstream release
- If the input data is PDF but the driver requires PostScript, use the
pdftops CUPS filter when CUPS is the spooler. This way we always use
the same method to convert PDF to PostScript in the whole system,
including any workarounds applied in the CUPS filter.
[ Didier Raboud ]
* Bump debhelper compat to 9 for auto-buildflags.
* Bump Standards-Version to 3.9.3 without changes needed.
-- Till Kamppeter <email address hidden> Fri, 23 Mar 2012 13:41:03 +0100
-
foomatic-filters (4.0.14-0ubuntu1) precise; urgency=low
* New upstream release
- If the input data is PDF but the driver requires PostScript, use the
pdftops CUPS filter when CUPS is the spooler. This way we always use
the same method to convert PDF to PostScript in the whole system,
including any workarounds applied in the CUPS filter.
foomatic-filters (4.0.13-1) unstable; urgency=low
[ Till Kamppeter ]
* New upstream release
- Do not use a string buffer limited to 512 characters for the options
string supplied by CUPS through the fifth command line argument. Some
PPD files can produce much longer option strings.
[ Slavko ]
* Add Slovak po-debconf translation. (Closes: #647119)
-- Till Kamppeter <email address hidden> Wed, 14 Mar 2012 21:09:03 +0100
-
foomatic-filters (4.0.13-0ubuntu1) precise; urgency=low
* New upstream release
- Do not use a string buffer limited to 512 characters for the options
string supplied by CUPS through the fifth command line argument. Some
PPD files can produce much longer option strings.
-- Till Kamppeter <email address hidden> Fri, 2 Mar 2012 14:25:03 +0100
-
foomatic-filters (4.0.12-1) unstable; urgency=low
[ Till Kamppeter ]
* New upstream release
- If incoming PDF needs to be converted to PostScript
due to the filter command line not being a standard Ghostscript
command line, no separate PDF command line being supplied, or
options in the PPD being implemented by PostScript code, use
preferrably Ghostscript (with the "ps2write" device) for this
conversion as Ghostscript is better optimized for printing and
has a more sophisticated color management compared to Poppler.
- SECURITY FIX: Use the mktemp shell command/mkstemp() function to create
the debug log file and the renderer input data file (both files only
generated when foomatic-rip is un in debug mode) with file names with an
unpredictable part. The names are /tmp/foomatic-rip-XXXXXX.log and
/tmp/foomatic-rip-YYYYYY.ps where the XXXXXX and YYYYYY are replaced by
random strings. Thanks to Tim Waugh from Red Hat for for the patch
(Upstream bug #936, CVE-2011-2924).
* debian/patches/use-ghostscript-for-pdf-to-ps.patch: Removed, merged
upstream.
-- Didier Raboud <email address hidden> Sun, 12 Feb 2012 16:50:51 +0100
-
foomatic-filters (4.0.9-1ubuntu2) oneiric; urgency=low
* debian/patches/use-ghostscript-for-pdf-to-ps.patch: Use Ghostscript instead
of Poppler if the driver needs to have incoming PDF converted to PostScript.
-- Till Kamppeter <email address hidden> Thu, 25 Aug 2011 09:03:03 +0200
