Author: Ubuntu Git Importer
Author Date: 2020-05-09 17:03:18 UTC

DSC file for 2.2.10-6+deb10u3

Author: Didier Raboud
Author Date: 2020-04-25 16:27:21 UTC

Import patches-unapplied version 2.2.10-6+deb10u3 to debian/buster

Imported using git-ubuntu import.

Changelog parent: 971ed41e61f32350812dee04602ff723d06479b3

New changelog entries:
  * Backport upstream security fixes:
    - CVE-2020-3898: heap-buffer-overflow in libcups’s ppdFindOption()
      function in ppd-mark.c
    - CVE-2019-8842: The `ippReadIO` function may under-read an extension
      field

Author: Ubuntu Git Importer
Author Date: 2020-05-01 17:15:35 UTC

DSC file for 2.3.3-1

Author: Didier Raboud
Author Date: 2020-05-01 15:28:22 UTC

Import patches-unapplied version 2.3.3-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 4770fc869743e3ecdc1c01ee98409aef901b2959

New changelog entries:
  * New 2.3.3 upstream release, with the two -12 security patches

Author: Didier Raboud
Author Date: 2020-05-01 15:28:22 UTC

Import patches-unapplied version 2.3.3-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 4770fc869743e3ecdc1c01ee98409aef901b2959

New changelog entries:
  * New 2.3.3 upstream release, with the two -12 security patches

Author: Didier Raboud
Author Date: 2020-05-01 15:28:22 UTC

Import patches-unapplied version 2.3.3-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 4770fc869743e3ecdc1c01ee98409aef901b2959

New changelog entries:
  * New 2.3.3 upstream release, with the two -12 security patches

Author: Didier Raboud
Author Date: 2020-05-01 15:28:22 UTC

Import patches-unapplied version 2.3.3-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 4770fc869743e3ecdc1c01ee98409aef901b2959

New changelog entries:
  * New 2.3.3 upstream release, with the two -12 security patches

Author: Didier Raboud
Author Date: 2020-05-01 15:28:22 UTC

Import patches-unapplied version 2.3.3-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 4770fc869743e3ecdc1c01ee98409aef901b2959

New changelog entries:
  * New 2.3.3 upstream release, with the two -12 security patches

Author: Marc Deslauriers
Author Date: 2020-04-24 10:48:53 UTC

Import patches-unapplied version 2.1.3-4ubuntu0.11 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: d3b7b4aee9040856adea577b65d3162e01a7a52b

New changelog entries:
  * SECURITY UPDATE: information disclosure via OOB read
    - debian/patches/CVE-2019-2228.patch: fix ippSetValueTag validation of
      default language in cups/ipp.c.
    - CVE-2019-2228
  * SECURITY UPDATE: heap-based buffer overflow
    - debian/patches/CVE-2020-3898.patch: properly handle invalid
      resolution names in cups/ppd.c, ppdc/ppdc-source.cxx.
    - CVE-2020-3898

Author: Marc Deslauriers
Author Date: 2020-04-24 10:48:53 UTC

Import patches-unapplied version 2.1.3-4ubuntu0.11 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: d3b7b4aee9040856adea577b65d3162e01a7a52b

New changelog entries:
  * SECURITY UPDATE: information disclosure via OOB read
    - debian/patches/CVE-2019-2228.patch: fix ippSetValueTag validation of
      default language in cups/ipp.c.
    - CVE-2019-2228
  * SECURITY UPDATE: heap-based buffer overflow
    - debian/patches/CVE-2020-3898.patch: properly handle invalid
      resolution names in cups/ppd.c, ppdc/ppdc-source.cxx.
    - CVE-2020-3898

Author: Marc Deslauriers
Author Date: 2020-04-24 10:48:53 UTC

Import patches-unapplied version 2.1.3-4ubuntu0.11 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: d3b7b4aee9040856adea577b65d3162e01a7a52b

New changelog entries:
  * SECURITY UPDATE: information disclosure via OOB read
    - debian/patches/CVE-2019-2228.patch: fix ippSetValueTag validation of
      default language in cups/ipp.c.
    - CVE-2019-2228
  * SECURITY UPDATE: heap-based buffer overflow
    - debian/patches/CVE-2020-3898.patch: properly handle invalid
      resolution names in cups/ppd.c, ppdc/ppdc-source.cxx.
    - CVE-2020-3898

Author: Marc Deslauriers
Author Date: 2020-04-24 10:42:08 UTC

Import patches-unapplied version 2.2.7-1ubuntu2.8 to ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: 4b4f22f48a0827bddbbc19491cd86c37c75e639e

New changelog entries:
  * SECURITY UPDATE: information disclosure via OOB read
    - debian/patches/CVE-2019-2228.patch: fix ippSetValueTag validation of
      default language in cups/ipp.c.
    - CVE-2019-2228
  * SECURITY UPDATE: heap-based buffer overflow
    - debian/patches/CVE-2020-3898.patch: properly handle invalid
      resolution names in cups/ppd.c, ppdc/ppdc-source.cxx.
    - CVE-2020-3898

Author: Marc Deslauriers
Author Date: 2020-04-24 10:42:08 UTC

Import patches-unapplied version 2.2.7-1ubuntu2.8 to ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: 4b4f22f48a0827bddbbc19491cd86c37c75e639e

New changelog entries:
  * SECURITY UPDATE: information disclosure via OOB read
    - debian/patches/CVE-2019-2228.patch: fix ippSetValueTag validation of
      default language in cups/ipp.c.
    - CVE-2019-2228
  * SECURITY UPDATE: heap-based buffer overflow
    - debian/patches/CVE-2020-3898.patch: properly handle invalid
      resolution names in cups/ppd.c, ppdc/ppdc-source.cxx.
    - CVE-2020-3898

Author: Marc Deslauriers
Author Date: 2020-04-24 10:42:08 UTC

Import patches-unapplied version 2.2.7-1ubuntu2.8 to ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: 4b4f22f48a0827bddbbc19491cd86c37c75e639e

New changelog entries:
  * SECURITY UPDATE: information disclosure via OOB read
    - debian/patches/CVE-2019-2228.patch: fix ippSetValueTag validation of
      default language in cups/ipp.c.
    - CVE-2019-2228
  * SECURITY UPDATE: heap-based buffer overflow
    - debian/patches/CVE-2020-3898.patch: properly handle invalid
      resolution names in cups/ppd.c, ppdc/ppdc-source.cxx.
    - CVE-2020-3898

Author: Marc Deslauriers
Author Date: 2020-04-24 10:39:27 UTC

Import patches-unapplied version 2.2.12-2ubuntu1.1 to ubuntu/eoan-security

Imported using git-ubuntu import.

Changelog parent: 28233a1777aede991a2c67694bdcd4d28e4a0d8f

New changelog entries:
  * SECURITY UPDATE: information disclosure via OOB read
    - debian/patches/CVE-2019-2228.patch: fix ippSetValueTag validation of
      default language in cups/ipp.c.
    - CVE-2019-2228
  * SECURITY UPDATE: heap-based buffer overflow
    - debian/patches/CVE-2020-3898.patch: properly handle invalid
      resolution names in cups/ppd.c, ppdc/ppdc-source.cxx.
    - CVE-2020-3898

Author: Marc Deslauriers
Author Date: 2020-04-24 10:39:27 UTC

Import patches-unapplied version 2.2.12-2ubuntu1.1 to ubuntu/eoan-security

Imported using git-ubuntu import.

Changelog parent: 28233a1777aede991a2c67694bdcd4d28e4a0d8f

New changelog entries:
  * SECURITY UPDATE: information disclosure via OOB read
    - debian/patches/CVE-2019-2228.patch: fix ippSetValueTag validation of
      default language in cups/ipp.c.
    - CVE-2019-2228
  * SECURITY UPDATE: heap-based buffer overflow
    - debian/patches/CVE-2020-3898.patch: properly handle invalid
      resolution names in cups/ppd.c, ppdc/ppdc-source.cxx.
    - CVE-2020-3898

Author: Marc Deslauriers
Author Date: 2020-04-24 10:39:27 UTC

Import patches-unapplied version 2.2.12-2ubuntu1.1 to ubuntu/eoan-security

Imported using git-ubuntu import.

Changelog parent: 28233a1777aede991a2c67694bdcd4d28e4a0d8f

New changelog entries:
  * SECURITY UPDATE: information disclosure via OOB read
    - debian/patches/CVE-2019-2228.patch: fix ippSetValueTag validation of
      default language in cups/ipp.c.
    - CVE-2019-2228
  * SECURITY UPDATE: heap-based buffer overflow
    - debian/patches/CVE-2020-3898.patch: properly handle invalid
      resolution names in cups/ppd.c, ppdc/ppdc-source.cxx.
    - CVE-2020-3898

Author: Marc Deslauriers
Author Date: 2020-04-24 10:37:14 UTC

Import patches-unapplied version 2.3.1-9ubuntu1.1 to ubuntu/focal-security

Imported using git-ubuntu import.

Changelog parent: 1c4a90a45e1d07e910915f9021aead5ff0596195

New changelog entries:
  * SECURITY UPDATE: heap-based buffer overflow
    - debian/patches/CVE-2020-3898.patch: properly handle invalid
      resolution names in cups/ppd.c, ppdc/ppdc-source.cxx.
    - CVE-2020-3898

Author: Marc Deslauriers
Author Date: 2020-04-24 10:37:14 UTC

Import patches-unapplied version 2.3.1-9ubuntu1.1 to ubuntu/focal-security

Imported using git-ubuntu import.

Changelog parent: 1c4a90a45e1d07e910915f9021aead5ff0596195

New changelog entries:
  * SECURITY UPDATE: heap-based buffer overflow
    - debian/patches/CVE-2020-3898.patch: properly handle invalid
      resolution names in cups/ppd.c, ppdc/ppdc-source.cxx.
    - CVE-2020-3898

Author: Marc Deslauriers
Author Date: 2020-04-24 10:37:14 UTC

Import patches-unapplied version 2.3.1-9ubuntu1.1 to ubuntu/focal-security

Imported using git-ubuntu import.

Changelog parent: 1c4a90a45e1d07e910915f9021aead5ff0596195

New changelog entries:
  * SECURITY UPDATE: heap-based buffer overflow
    - debian/patches/CVE-2020-3898.patch: properly handle invalid
      resolution names in cups/ppd.c, ppdc/ppdc-source.cxx.
    - CVE-2020-3898

Author: Till Kamppeter
Author Date: 2020-02-24 16:45:01 UTC

Import patches-unapplied version 2.3.1-9ubuntu1 to ubuntu/focal-proposed

Imported using git-ubuntu import.

Changelog parent: 07fd2ade2917a3ecf2d85436538f927fd176d05d

New changelog entries:
  * Revert all the CI test changes
  * Add the bug fixes (not CI test changes of 2.3.1-10:
    - Add Requires=cups.socket to cups.service, to make sure they start in
      the right order
    - Add patch proposal from RedHat to fix leakage of ppd (Issue: #5738)

Author: Till Kamppeter
Author Date: 2020-02-24 16:45:01 UTC

Import patches-unapplied version 2.3.1-9ubuntu1 to ubuntu/focal-proposed

Imported using git-ubuntu import.

Changelog parent: 07fd2ade2917a3ecf2d85436538f927fd176d05d

New changelog entries:
  * Revert all the CI test changes
  * Add the bug fixes (not CI test changes of 2.3.1-10:
    - Add Requires=cups.socket to cups.service, to make sure they start in
      the right order
    - Add patch proposal from RedHat to fix leakage of ppd (Issue: #5738)

Author: Didier Raboud
Author Date: 2020-01-19 09:53:03 UTC

Import patches-unapplied version 2.2.1-8+deb9u5 to debian/stretch

Imported using git-ubuntu import.

Changelog parent: 3928b4261e055c8e9c8676d23f9c0900ad6ab884

New changelog entries:
  * Backport upstream security fix:
    - CVE-2019-2228: The `ippSetValuetag` function did not validate the
      default language value (Closes: #946782)

Author: Didier Raboud
Author Date: 2020-02-01 13:50:33 UTC

Import patches-unapplied version 2.3.1-4+exp0 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: 4162fe6a9bde32ab54c4523a397b79175fae5679

New changelog entries:
  * Move towards driverless-centered installation:
    - Drop all printer-driver-* and hplip recommends/suggests
  * Cleanup all versions from pre- Debian stable
  * Bump S-V to 4.5.0 without changes needed

Author: Till Kamppeter
Author Date: 2019-09-05 17:03:01 UTC

Import patches-unapplied version 2.2.12-2ubuntu1 to ubuntu/eoan-proposed

Imported using git-ubuntu import.

Changelog parent: 52fc6aa2edaaa54f9f9937df50f4bd4d4e1d8cf2

New changelog entries:
  * Add workaround for systemd's lack of true launch-on-demand
    support (Upstream issue #5640).

Author: Till Kamppeter
Author Date: 2019-09-05 17:03:01 UTC

Import patches-unapplied version 2.2.12-2ubuntu1 to ubuntu/eoan-proposed

Imported using git-ubuntu import.

Changelog parent: 52fc6aa2edaaa54f9f9937df50f4bd4d4e1d8cf2

New changelog entries:
  * Add workaround for systemd's lack of true launch-on-demand
    support (Upstream issue #5640).

Author: Alex Murray
Author Date: 2019-08-16 04:42:59 UTC

Import patches-unapplied version 2.2.10-4ubuntu2.1 to ubuntu/disco-security

Imported using git-ubuntu import.

Changelog parent: 3f838e21f243d781ba8d190778d438ddac55183f

New changelog entries:
  * SECURITY UPDATE: Stack buffer overflow in SNMP ASN.1 decoder
    - debian/patches/CVE-2019-86xx.patch: update cups/snmp.c to check for
      buffer overflow when decoding various ASN.1 elements.
    - CVE-2019-8675
    - CVE-2019-8696
  * SECURITY UPDATE: Buffer overflow in IPP
    - debian/patches/CVE-2019-86xx.patch: update cups/ipp.c to avoid
      buffer overflow due to tag type confusion
  * SECURITY UPDATE: Denial of service and memory disclosure in scheduler
    - debian/patches/CVE-2019-86xx.patch: update scheduler/client.c to
      avoid a denial of service and possible memory disclosure if the
      client unexpectedly closes the connection

Author: Alex Murray
Author Date: 2019-08-16 04:42:59 UTC

Import patches-unapplied version 2.2.10-4ubuntu2.1 to ubuntu/disco-security

Imported using git-ubuntu import.

Changelog parent: 3f838e21f243d781ba8d190778d438ddac55183f

New changelog entries:
  * SECURITY UPDATE: Stack buffer overflow in SNMP ASN.1 decoder
    - debian/patches/CVE-2019-86xx.patch: update cups/snmp.c to check for
      buffer overflow when decoding various ASN.1 elements.
    - CVE-2019-8675
    - CVE-2019-8696
  * SECURITY UPDATE: Buffer overflow in IPP
    - debian/patches/CVE-2019-86xx.patch: update cups/ipp.c to avoid
      buffer overflow due to tag type confusion
  * SECURITY UPDATE: Denial of service and memory disclosure in scheduler
    - debian/patches/CVE-2019-86xx.patch: update scheduler/client.c to
      avoid a denial of service and possible memory disclosure if the
      client unexpectedly closes the connection

Author: Alex Murray
Author Date: 2019-08-16 04:42:59 UTC

Import patches-unapplied version 2.2.10-4ubuntu2.1 to ubuntu/disco-security

Imported using git-ubuntu import.

Changelog parent: 3f838e21f243d781ba8d190778d438ddac55183f

New changelog entries:
  * SECURITY UPDATE: Stack buffer overflow in SNMP ASN.1 decoder
    - debian/patches/CVE-2019-86xx.patch: update cups/snmp.c to check for
      buffer overflow when decoding various ASN.1 elements.
    - CVE-2019-8675
    - CVE-2019-8696
  * SECURITY UPDATE: Buffer overflow in IPP
    - debian/patches/CVE-2019-86xx.patch: update cups/ipp.c to avoid
      buffer overflow due to tag type confusion
  * SECURITY UPDATE: Denial of service and memory disclosure in scheduler
    - debian/patches/CVE-2019-86xx.patch: update scheduler/client.c to
      avoid a denial of service and possible memory disclosure if the
      client unexpectedly closes the connection

Author: Dariusz Gadomski
Author Date: 2019-05-30 08:02:17 UTC

Import patches-unapplied version 2.2.7-1ubuntu2.6 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: f3d15850b3ee59a05c2bd98a6d6cbc7666507b59

New changelog entries:
  * d/p/0045-Fix-an-issue-with-PreserveJobHistory-and-time-values.patch
    Fix an issue with `PreserveJobHistory` and time values
    (Issue #5538, Closes: #921741, LP: #1747765)

Author: Dariusz Gadomski
Author Date: 2019-05-30 09:33:26 UTC

Import patches-unapplied version 2.1.3-4ubuntu0.9 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: e057f2cc4267a2ba248bf81a8d00eef8cb6218d8

New changelog entries:
  * d/p/0045-Fix-an-issue-with-PreserveJobHistory-and-time-values.patch
    Fix an issue with `PreserveJobHistory` and time values
    (Issue #5538, Closes: #921741, LP: #1747765)

Author: Dariusz Gadomski
Author Date: 2019-05-30 12:11:53 UTC

Import patches-unapplied version 2.2.8-5ubuntu1.4 to ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: ede28810097f77e178b1dd59887565f4b56e7923

New changelog entries:
  * d/p/0045-Fix-an-issue-with-PreserveJobHistory-and-time-values.patch
    Fix an issue with `PreserveJobHistory` and time values
    (Issue #5538, Closes: #921741, LP: #1747765)

Author: Dariusz Gadomski
Author Date: 2019-05-30 12:11:53 UTC

Import patches-unapplied version 2.2.8-5ubuntu1.4 to ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: ede28810097f77e178b1dd59887565f4b56e7923

New changelog entries:
  * d/p/0045-Fix-an-issue-with-PreserveJobHistory-and-time-values.patch
    Fix an issue with `PreserveJobHistory` and time values
    (Issue #5538, Closes: #921741, LP: #1747765)

Author: Dariusz Gadomski
Author Date: 2019-05-30 12:11:53 UTC

Import patches-unapplied version 2.2.8-5ubuntu1.4 to ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: ede28810097f77e178b1dd59887565f4b56e7923

New changelog entries:
  * d/p/0045-Fix-an-issue-with-PreserveJobHistory-and-time-values.patch
    Fix an issue with `PreserveJobHistory` and time values
    (Issue #5538, Closes: #921741, LP: #1747765)

Author: Dariusz Gadomski
Author Date: 2019-05-30 07:51:37 UTC

Import patches-unapplied version 2.2.10-4ubuntu2 to ubuntu/disco-proposed

Imported using git-ubuntu import.

Changelog parent: 3887433f227dbb74adfce1e129202a4f3d6eb970

New changelog entries:
  * d/p/0045-Fix-an-issue-with-PreserveJobHistory-and-time-values.patch
    Fix an issue with `PreserveJobHistory` and time values
    (Issue #5538, Closes: #921741, LP: #1747765)

Author: Didier Raboud
Author Date: 2019-02-16 13:48:42 UTC

Import patches-unapplied version 2.2.10-4 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 237fd8199e9071cf0f946b4990576d6563f5510c

New changelog entries:
  * Backport patches from upstream's 2.2 "stable" branch:
    - Protect against continuing to read from a file at EOF (Issue #5473)
    - Use the same requested-attributes values for all IPP Everywhere setup
      requests (Issue #5484)
    - Add a USB quirk rule for the Lexmark E120n (Issue #5478)
    - Updated the USB quirks rule for Zebra label printers (Issue #5395)
    - Fix compile error on Linux (Issue #5483)
    - Stop parsing the Emulators keywords in PPD files (Issue #5475)
    - Fix potential unaligned accesses in the string pool (Issue #5474)

Author: Marc Deslauriers
Author Date: 2018-11-16 19:03:27 UTC

Import patches-unapplied version 2.2.8-5ubuntu1.1 to ubuntu/cosmic-security

Imported using git-ubuntu import.

Changelog parent: 1f5b28fd1c333402d7a77f77755bda2d7edea955

New changelog entries:
  * SECURITY UPDATE: predictable session cookies
    - debian/patches/CVE-2018-4700.patch: use better seed in cgi-bin/var.c.
    - CVE-2018-4700

Author: Marc Deslauriers
Author Date: 2018-11-16 19:07:12 UTC

Import patches-unapplied version 1.7.2-0ubuntu1.11 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 609569b8bc69b888a962bf3c64fd23c93e65a241

New changelog entries:
  * SECURITY UPDATE: predictable session cookies
    - debian/patches/CVE-2018-4700.patch: use better seed in cgi-bin/var.c.
    - CVE-2018-4700

Author: Marc Deslauriers
Author Date: 2018-11-16 19:07:12 UTC

Import patches-unapplied version 1.7.2-0ubuntu1.11 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 609569b8bc69b888a962bf3c64fd23c93e65a241

New changelog entries:
  * SECURITY UPDATE: predictable session cookies
    - debian/patches/CVE-2018-4700.patch: use better seed in cgi-bin/var.c.
    - CVE-2018-4700

Author: Marc Deslauriers
Author Date: 2018-11-16 19:07:12 UTC

Import patches-unapplied version 1.7.2-0ubuntu1.11 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 609569b8bc69b888a962bf3c64fd23c93e65a241

New changelog entries:
  * SECURITY UPDATE: predictable session cookies
    - debian/patches/CVE-2018-4700.patch: use better seed in cgi-bin/var.c.
    - CVE-2018-4700

Author: Till Kamppeter
Author Date: 2018-08-19 18:36:01 UTC

Import patches-unapplied version 2.2.8-5ubuntu1 to ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: c65636399ea685c0f26d01e1571efcc54693a6b3

New changelog entries:
  * do-not-locally-filter-printing-to-remote-cups-queue.patch: Avoid duplicate
    application of pdftopdf filter (locally and remotely) when printing on auto-
    discovered remote CUPS printer.

Author: Marc Deslauriers
Author Date: 2018-06-22 17:41:03 UTC

Import patches-unapplied version 2.2.4-7ubuntu3.1 to ubuntu/artful-security

Imported using git-ubuntu import.

Changelog parent: ee00c15a58003a220977f5bd0c895ad84c091dac

New changelog entries:
  * SECURITY UPDATE: scheduler crash via DBUS notifications
    - debian/patches/CVE-2017-18248.patch: validate requesting-user-name in
      scheduler/ipp.c.
    - CVE-2017-18248
  * SECURITY UPDATE: privilege escalation in dnssd backend
    - debian/patches/CVE-2018-418x.patch: don't allow PassEnv and SetEnv to
      override standard variables in man/cups-files.conf.man.in,
      man/cupsd.conf.man.in, scheduler/conf.c, test/run-stp-tests.sh.
    - CVE-2018-4180
  * SECURITY UPDATE: local file read via Include directive
    - debian/patches/CVE-2018-418x.patch: remove Include directive handling
      in scheduler/conf.c.
    - CVE-2018-4181
  * SECURITY UPDATE: AppArmor sandbox bypass
    - debian/local/apparmor-profile: also confine
      /usr/lib/cups/backend/mdns.
    - CVE-2018-6553

Author: Marc Deslauriers
Author Date: 2018-06-22 17:41:03 UTC

Import patches-unapplied version 2.2.4-7ubuntu3.1 to ubuntu/artful-security

Imported using git-ubuntu import.

Changelog parent: ee00c15a58003a220977f5bd0c895ad84c091dac

New changelog entries:
  * SECURITY UPDATE: scheduler crash via DBUS notifications
    - debian/patches/CVE-2017-18248.patch: validate requesting-user-name in
      scheduler/ipp.c.
    - CVE-2017-18248
  * SECURITY UPDATE: privilege escalation in dnssd backend
    - debian/patches/CVE-2018-418x.patch: don't allow PassEnv and SetEnv to
      override standard variables in man/cups-files.conf.man.in,
      man/cupsd.conf.man.in, scheduler/conf.c, test/run-stp-tests.sh.
    - CVE-2018-4180
  * SECURITY UPDATE: local file read via Include directive
    - debian/patches/CVE-2018-418x.patch: remove Include directive handling
      in scheduler/conf.c.
    - CVE-2018-4181
  * SECURITY UPDATE: AppArmor sandbox bypass
    - debian/local/apparmor-profile: also confine
      /usr/lib/cups/backend/mdns.
    - CVE-2018-6553

Author: Marc Deslauriers
Author Date: 2018-06-22 17:41:03 UTC

Import patches-unapplied version 2.2.4-7ubuntu3.1 to ubuntu/artful-security

Imported using git-ubuntu import.

Changelog parent: ee00c15a58003a220977f5bd0c895ad84c091dac

New changelog entries:
  * SECURITY UPDATE: scheduler crash via DBUS notifications
    - debian/patches/CVE-2017-18248.patch: validate requesting-user-name in
      scheduler/ipp.c.
    - CVE-2017-18248
  * SECURITY UPDATE: privilege escalation in dnssd backend
    - debian/patches/CVE-2018-418x.patch: don't allow PassEnv and SetEnv to
      override standard variables in man/cups-files.conf.man.in,
      man/cupsd.conf.man.in, scheduler/conf.c, test/run-stp-tests.sh.
    - CVE-2018-4180
  * SECURITY UPDATE: local file read via Include directive
    - debian/patches/CVE-2018-418x.patch: remove Include directive handling
      in scheduler/conf.c.
    - CVE-2018-4181
  * SECURITY UPDATE: AppArmor sandbox bypass
    - debian/local/apparmor-profile: also confine
      /usr/lib/cups/backend/mdns.
    - CVE-2018-6553

Author: Till Kamppeter
Author Date: 2018-04-09 19:44:01 UTC

Import patches-unapplied version 2.2.7-1ubuntu2 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: 58cadc6a44e6a3bbb2ef0c4e86a40a736e90a2c1

New changelog entries:
  * Fixed another crash when creating temporary queues for IPP printers
    (Issue #5290, LP: #1762476).

Author: Ubuntu Git Importer
Author Date: 2018-04-03 06:39:37 UTC

pristine-tar data for cups_2.2.7.orig.tar.gz

Author: Ubuntu Git Importer
Author Date: 2018-04-02 22:44:29 UTC

pristine-tar data for cups_2.3~b4.orig.tar.gz

Author: Didier Raboud
Author Date: 2017-07-21 12:09:44 UTC

Import patches-unapplied version 1.7.5-11+deb8u2 to debian/jessie

Imported using git-ubuntu import.

Changelog parent: bde2b5264002042cc63fad751f584b994444be40

New changelog entries:
  * Disable SSLv3 and RC4 by default to address POODLE vulnerability
    (Closes: #839226)
    - Implement SSLOptions to permit the use of AllowSSL3 and AllowRC4
      respectively
  * Refresh patches

Author: Dariusz Gadomski
Author Date: 2017-11-08 10:31:52 UTC

Import patches-unapplied version 2.2.4-7ubuntu3 to ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: 1c5397ebfb738baa5c3e5d9c82a3f6e0a06d1baa

New changelog entries:
  * Fixes cupsGetNamedDest not using local default printer
    (LP: #1729910)

Author: Till Kamppeter
Author Date: 2017-09-26 13:26:01 UTC

Import patches-unapplied version 2.2.4-7ubuntu2 to ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: d85e11b8aa2c0d55fc7c9c18fb2de8890c89314f

New changelog entries:
  * test-drivers script of autopkgtest: Skip also gen-ubrl.ppd as it is also a
    test/debug PPD for Braille embossers which does not accept PDF as
    input format. This broke the test with cups-filters 1.17.6 and later.

Author: Jamie Strandboge
Author Date: 2017-03-23 17:55:49 UTC

Import patches-unapplied version 2.2.2-1ubuntu1 to ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: 319172f6dbb1b7c1856d5f08da55cddbe17107f0

New changelog entries:
  * debian/local/apparmor-profile:
    - allow cupsd and cups-pdf to communicate via Unix sockets (LP: #1675503)
    - adjust cups-pdf log location
    - allow cups-pdf to read /etc/cups/ppd/*.ppd
    - silence noisy denials for cupsd occasionally trying to send signals to
      unconfined
    - allow capability wake_alarm (seen in LP: 1641985)

Author: Jamie Strandboge
Author Date: 2017-03-23 17:55:49 UTC

Import patches-unapplied version 2.2.2-1ubuntu1 to ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: 319172f6dbb1b7c1856d5f08da55cddbe17107f0

New changelog entries:
  * debian/local/apparmor-profile:
    - allow cupsd and cups-pdf to communicate via Unix sockets (LP: #1675503)
    - adjust cups-pdf log location
    - allow cups-pdf to read /etc/cups/ppd/*.ppd
    - silence noisy denials for cupsd occasionally trying to send signals to
      unconfined
    - allow capability wake_alarm (seen in LP: 1641985)

Author: Jamie Strandboge
Author Date: 2017-03-23 17:55:49 UTC

Import patches-unapplied version 2.2.2-1ubuntu1 to ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: 319172f6dbb1b7c1856d5f08da55cddbe17107f0

New changelog entries:
  * debian/local/apparmor-profile:
    - allow cupsd and cups-pdf to communicate via Unix sockets (LP: #1675503)
    - adjust cups-pdf log location
    - allow cups-pdf to read /etc/cups/ppd/*.ppd
    - silence noisy denials for cupsd occasionally trying to send signals to
      unconfined
    - allow capability wake_alarm (seen in LP: 1641985)

Author: Dariusz Gadomski
Author Date: 2017-02-15 14:55:27 UTC

Import patches-unapplied version 1.7.2-0ubuntu1.8 to ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: 8ea31fb937dfa22ce834fefb3995ed9671f16787

New changelog entries:
  * Fixed processing of server overrides without port numbers. (LP: #1665018)

Author: Dimitri John Ledkov
Author Date: 2016-12-22 17:06:04 UTC

Import patches-unapplied version 2.2.0-2ubuntu0.1 to ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: 25ad8a76fdb66ed5f804f23e01021c56be468bc1

New changelog entries:
  * Make cups.path unit be part of the cups.service, since cups.path
    should stop if and when cups.service is stopped. LP: #1642966

Author: Dimitri John Ledkov
Author Date: 2016-12-22 17:06:04 UTC

Import patches-unapplied version 2.2.0-2ubuntu0.1 to ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: 25ad8a76fdb66ed5f804f23e01021c56be468bc1

New changelog entries:
  * Make cups.path unit be part of the cups.service, since cups.path
    should stop if and when cups.service is stopped. LP: #1642966

Author: Didier Raboud
Author Date: 2016-09-21 07:30:58 UTC

Import patches-unapplied version 2.2.0-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 3ffe83bf8e06cf7c64279070f9c1b9f485c5a1d1

New changelog entries:
  * Backport upstream patch to handle partial failures when connecting
    (Closes: #838434)

Author: Didier Raboud
Author Date: 2016-03-18 14:24:54 UTC

Import patches-unapplied version 2.1.3-4 to debian/sid

Imported using git-ubuntu import.

Changelog parent: b3ab3ae3b80c13aba010771042d9d10e03670f3f

New changelog entries:
  [ Till Kamppeter ]
  * Quirk rule to make Lexmark C540n work (STR #4778)
  * Quirk rule to make Xerox WorkCentre 3220 work (LP: #1406203, STR #4789)

Author: Till Kamppeter
Author Date: 2015-10-08 14:46:01 UTC

Import patches-unapplied version 2.1.0-4ubuntu3 to ubuntu/wily-proposed

Imported using git-ubuntu import.

Changelog parent: 44edc8c54136801d15b13594246820e669a9e7bb

New changelog entries:
  * Updated the patch to patch loading the PPDs for IPP print queues
    to the corrected upstream fix (CUPS STR #4725).

Author: Till Kamppeter
Author Date: 2015-10-08 14:46:01 UTC

Import patches-unapplied version 2.1.0-4ubuntu3 to ubuntu/wily-proposed

Imported using git-ubuntu import.

Changelog parent: 44edc8c54136801d15b13594246820e669a9e7bb

New changelog entries:
  * Updated the patch to patch loading the PPDs for IPP print queues
    to the corrected upstream fix (CUPS STR #4725).

Author: Till Kamppeter
Author Date: 2015-10-08 14:46:01 UTC

Import patches-unapplied version 2.1.0-4ubuntu3 to ubuntu/wily-proposed

Imported using git-ubuntu import.

Changelog parent: 44edc8c54136801d15b13594246820e669a9e7bb

New changelog entries:
  * Updated the patch to patch loading the PPDs for IPP print queues
    to the corrected upstream fix (CUPS STR #4725).

Author: Didier Raboud
Author Date: 2015-06-09 07:54:07 UTC

Import patches-unapplied version 1.5.3-5+deb7u6 to debian/wheezy

Imported using git-ubuntu import.

Changelog parent: 99f50b3fae149de83134de069343c571d0c58fab

New changelog entries:
  * Import 1.5 upstream fix for CERT VU#810572: Privilege escalation through
    dynamic linker and isolated vulnerabilities: STR: #4609, VU#810572
    - CVE-2015-1158 - Improper Update of Reference Count
    - CVE-2015-1159 - Cross-Site Scripting
  * Backport upstream patch to fix cupsRasterReadPixels buffer overflow with
    invalid page header and compressed raster data
    (CVE-2014-9679, STR: #4551, Closes: #778387)

Author: Till Kamppeter
Author Date: 2015-06-12 16:18:01 UTC

Import patches-unapplied version 2.0.2-1ubuntu3.2 to ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: 9437f668084328f4757189173a65692bcdedaf86

New changelog entries:
  * debian/patches/cups-busy-loop.patch: Fixed scheduler sometimes
    getting caught in a busy loop (LP: #1426490, CUPS STR #4605).

Author: Till Kamppeter
Author Date: 2015-06-12 16:18:01 UTC

Import patches-unapplied version 2.0.2-1ubuntu3.2 to ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: 9437f668084328f4757189173a65692bcdedaf86

New changelog entries:
  * debian/patches/cups-busy-loop.patch: Fixed scheduler sometimes
    getting caught in a busy loop (LP: #1426490, CUPS STR #4605).

Author: Till Kamppeter
Author Date: 2015-06-12 16:18:01 UTC

Import patches-unapplied version 2.0.2-1ubuntu3.2 to ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: 9437f668084328f4757189173a65692bcdedaf86

New changelog entries:
  * debian/patches/cups-busy-loop.patch: Fixed scheduler sometimes
    getting caught in a busy loop (LP: #1426490, CUPS STR #4605).

Author: Marc Deslauriers
Author Date: 2015-06-04 12:08:32 UTC

Import patches-unapplied version 1.5.3-0ubuntu8.7 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 6cbae9328a2961a3b391d2ee993517b83da6709e

New changelog entries:
  * SECURITY UPDATE: privilege escalation through dynamic linker and
    isolated vulnerabilities
    - debian/patches/str4609.patch: apply patch from upstream to
      cgi-bin/ipp-var.c, cgi-bin/template.c, scheduler/ipp.c,
      scheduler/job.c.
    - CVE number pending

Author: Marc Deslauriers
Author Date: 2015-06-04 11:37:56 UTC

Import patches-unapplied version 2.0.2-1ubuntu3.1 to ubuntu/vivid-security

Imported using git-ubuntu import.

Changelog parent: 61479f725f6755faba6f7d68cb542aaf2cd0e21a

New changelog entries:
  * SECURITY UPDATE: privilege escalation through dynamic linker and
    isolated vulnerabilities
    - debian/patches/str4609.patch: apply patch from upstream to
      cgi-bin/ipp-var.c, cgi-bin/template.c, scheduler/client.c,
      scheduler/conf.c, scheduler/env.c, scheduler/ipp.c, scheduler/job.c,
      scheduler/main.c.
    - CVE number pending

Author: Marc Deslauriers
Author Date: 2015-06-04 12:07:45 UTC

Import patches-unapplied version 1.7.5-3ubuntu3.2 to ubuntu/utopic-security

Imported using git-ubuntu import.

Changelog parent: 1be21fd3c0d91988bce84bac33163dfcc467076a

New changelog entries:
  * SECURITY UPDATE: privilege escalation through dynamic linker and
    isolated vulnerabilities
    - debian/patches/str4609.patch: apply patch from upstream to
      cgi-bin/ipp-var.c, cgi-bin/template.c, scheduler/client.c,
      scheduler/env.c, scheduler/ipp.c, scheduler/job.c, scheduler/main.c.
    - CVE number pending

Author: Marc Deslauriers
Author Date: 2015-06-04 12:07:45 UTC

Import patches-unapplied version 1.7.5-3ubuntu3.2 to ubuntu/utopic-security

Imported using git-ubuntu import.

Changelog parent: 1be21fd3c0d91988bce84bac33163dfcc467076a

New changelog entries:
  * SECURITY UPDATE: privilege escalation through dynamic linker and
    isolated vulnerabilities
    - debian/patches/str4609.patch: apply patch from upstream to
      cgi-bin/ipp-var.c, cgi-bin/template.c, scheduler/client.c,
      scheduler/env.c, scheduler/ipp.c, scheduler/job.c, scheduler/main.c.
    - CVE number pending

Author: Marc Deslauriers
Author Date: 2015-06-04 12:08:32 UTC

Import patches-unapplied version 1.5.3-0ubuntu8.7 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 6cbae9328a2961a3b391d2ee993517b83da6709e

New changelog entries:
  * SECURITY UPDATE: privilege escalation through dynamic linker and
    isolated vulnerabilities
    - debian/patches/str4609.patch: apply patch from upstream to
      cgi-bin/ipp-var.c, cgi-bin/template.c, scheduler/ipp.c,
      scheduler/job.c.
    - CVE number pending

Author: Marc Deslauriers
Author Date: 2015-06-04 12:07:45 UTC

Import patches-unapplied version 1.7.5-3ubuntu3.2 to ubuntu/utopic-security

Imported using git-ubuntu import.

Changelog parent: 1be21fd3c0d91988bce84bac33163dfcc467076a

New changelog entries:
  * SECURITY UPDATE: privilege escalation through dynamic linker and
    isolated vulnerabilities
    - debian/patches/str4609.patch: apply patch from upstream to
      cgi-bin/ipp-var.c, cgi-bin/template.c, scheduler/client.c,
      scheduler/env.c, scheduler/ipp.c, scheduler/job.c, scheduler/main.c.
    - CVE number pending

Author: Marc Deslauriers
Author Date: 2015-06-04 12:08:32 UTC

Import patches-unapplied version 1.5.3-0ubuntu8.7 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 6cbae9328a2961a3b391d2ee993517b83da6709e

New changelog entries:
  * SECURITY UPDATE: privilege escalation through dynamic linker and
    isolated vulnerabilities
    - debian/patches/str4609.patch: apply patch from upstream to
      cgi-bin/ipp-var.c, cgi-bin/template.c, scheduler/ipp.c,
      scheduler/job.c.
    - CVE number pending

Author: Marc Deslauriers
Author Date: 2015-02-25 18:45:29 UTC

Import patches-unapplied version 1.4.3-1ubuntu1.14 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: bedeb29865f1bbc057ce91c3e2cd12365988edee

New changelog entries:
  * SECURITY UPDATE: buffer overflow in cupsRasterReadPixels
    - debian/patches/CVE-2014-9679.dpatch: validate cupsBytesPerLine and
      clear returned buffer in filter/raster.c.
    - CVE-2014-9679

Author: Marc Deslauriers
Author Date: 2015-02-25 18:45:29 UTC

Import patches-unapplied version 1.4.3-1ubuntu1.14 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: bedeb29865f1bbc057ce91c3e2cd12365988edee

New changelog entries:
  * SECURITY UPDATE: buffer overflow in cupsRasterReadPixels
    - debian/patches/CVE-2014-9679.dpatch: validate cupsBytesPerLine and
      clear returned buffer in filter/raster.c.
    - CVE-2014-9679

Author: Marc Deslauriers
Author Date: 2015-02-25 18:45:29 UTC

Import patches-unapplied version 1.4.3-1ubuntu1.14 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: bedeb29865f1bbc057ce91c3e2cd12365988edee

New changelog entries:
  * SECURITY UPDATE: buffer overflow in cupsRasterReadPixels
    - debian/patches/CVE-2014-9679.dpatch: validate cupsBytesPerLine and
      clear returned buffer in filter/raster.c.
    - CVE-2014-9679

Author: Till Kamppeter
Author Date: 2015-02-14 11:12:01 UTC

Import patches-unapplied version 2.0.2-1ubuntu3 to ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: 7bafb1266281aadbedd2c82c8f96bd3da686c3e0

New changelog entries:
  * debian/tests/utils/test-drivers: Exclude the "everywhere" driver from the
    tests as it requires a physical printer to poll capability info from.

Author: Louis Bouchard
Author Date: 2015-02-09 10:36:08 UTC

Import patches-unapplied version 1.7.5-3ubuntu3 to ubuntu/utopic-proposed

Imported using git-ubuntu import.

Changelog parent: 7406e4c9eb89310825151472dd22c043963ee170

New changelog entries:
  * Fix -h option not honoured when CUPS_SERVER variable
    is defined. (LP: #1352809)

Author: Jamie Strandboge
Author Date: 2014-10-16 13:28:29 UTC

Import patches-unapplied version 1.7.5-3ubuntu2 to ubuntu/utopic-proposed

Imported using git-ubuntu import.

Changelog parent: c1565c2aff2946ee589ca8740e9ea9ed422ad956

New changelog entries:
  * debian/local/apparmor-profile:
    - allow all signals to /usr/sbin/cupsd//third_party
    - allow unix to /usr/sbin/cupsd//third_party (LP: #1382042)

Author: Didier Raboud
Author Date: 2014-05-03 13:43:50 UTC

Import patches-unapplied version 1.4.4-7+squeeze5 to debian/squeeze

Imported using git-ubuntu import.

Changelog parent: dd36b5bc806355b886ba42fb082dc8ac8f6c3cdb

New changelog entries:
  * Import upstream patch to fix XSS in the CUPS webinterface (STR #4356),
    fixes CVE-2014-2856
  * Backport security fix from cups-filters 1.0.47:
    pdftoopvp: SECURITY FIX for CVE-2013-6474, CVE-2013-6475, and
    CVE-2013-6476: Introduction of gmallocn and gmallocn3 to protect against
    arbitrary code execution with the privileges of the "lp" user via
    malicious PDF files. Also restrict the directory from where OPVP drivers
    can get loaded (Closes: #741333)

Author: Ryan Tandy
Author Date: 2014-04-24 16:17:07 UTC

Import patches-unapplied version 1.5.3-0ubuntu8.3 to ubuntu/precise-proposed

Imported using git-ubuntu import.

Changelog parent: 26caf956d4cf0b882b0de1099567454b8d85dfbe

New changelog entries:
  * debian/patches/handle-server-terminating-connection.patch: Fix the
    handling of a connection terminated by the server (LP: #1020048)

Author: Marc Deslauriers
Author Date: 2014-04-18 15:03:53 UTC

Import patches-unapplied version 1.7.0~rc1-0ubuntu5.3 to ubuntu/saucy-security

Imported using git-ubuntu import.

Changelog parent: 304f8e35991e14863660743af0430ee310b8fbd8

New changelog entries:
  * SECURITY UPDATE: cross-site scripting issue in web interface
    - debian/patches/CVE-2014-2856.patch: filter bad characters from the
      URL in scheduler/client.c.
    - CVE-2014-2856

Author: Marc Deslauriers
Author Date: 2014-04-18 15:03:53 UTC

Import patches-unapplied version 1.7.0~rc1-0ubuntu5.3 to ubuntu/saucy-security

Imported using git-ubuntu import.

Changelog parent: 304f8e35991e14863660743af0430ee310b8fbd8

New changelog entries:
  * SECURITY UPDATE: cross-site scripting issue in web interface
    - debian/patches/CVE-2014-2856.patch: filter bad characters from the
      URL in scheduler/client.c.
    - CVE-2014-2856

Author: Marc Deslauriers
Author Date: 2014-04-18 15:56:53 UTC

Import patches-unapplied version 1.6.1-0ubuntu11.6 to ubuntu/quantal-security

Imported using git-ubuntu import.

Changelog parent: ff559a2bfb68b0c56c3c2a0b694c0d0b1fa29425

New changelog entries:
  * SECURITY UPDATE: cross-site scripting issue in web interface
    - debian/patches/CVE-2014-2856.patch: filter bad characters from the
      URL in scheduler/client.c.
    - CVE-2014-2856

Author: Marc Deslauriers
Author Date: 2014-04-18 15:56:53 UTC

Import patches-unapplied version 1.6.1-0ubuntu11.6 to ubuntu/quantal-security

Imported using git-ubuntu import.

Changelog parent: ff559a2bfb68b0c56c3c2a0b694c0d0b1fa29425

New changelog entries:
  * SECURITY UPDATE: cross-site scripting issue in web interface
    - debian/patches/CVE-2014-2856.patch: filter bad characters from the
      URL in scheduler/client.c.
    - CVE-2014-2856

Author: Marc Deslauriers
Author Date: 2014-04-18 15:03:53 UTC

Import patches-unapplied version 1.7.0~rc1-0ubuntu5.3 to ubuntu/saucy-security

Imported using git-ubuntu import.

Changelog parent: 304f8e35991e14863660743af0430ee310b8fbd8

New changelog entries:
  * SECURITY UPDATE: cross-site scripting issue in web interface
    - debian/patches/CVE-2014-2856.patch: filter bad characters from the
      URL in scheduler/client.c.
    - CVE-2014-2856

Author: Marc Deslauriers
Author Date: 2014-04-18 15:56:53 UTC

Import patches-unapplied version 1.6.1-0ubuntu11.6 to ubuntu/quantal-security

Imported using git-ubuntu import.

Changelog parent: ff559a2bfb68b0c56c3c2a0b694c0d0b1fa29425

New changelog entries:
  * SECURITY UPDATE: cross-site scripting issue in web interface
    - debian/patches/CVE-2014-2856.patch: filter bad characters from the
      URL in scheduler/client.c.
    - CVE-2014-2856

Author: Till Kamppeter
Author Date: 2014-04-10 17:17:25 UTC

Import patches-unapplied version 1.7.2-0ubuntu1 to ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: 65914de804e936f978d5abdfcd6ca2ba767d1530

New changelog entries:
  * New upstream bug fix release
     - Addresses a web interface redirection security issue, some scheduler
       crashed on Linux, and other general bug fixes.
  * str4393-fix-memoryleak-in-rastertolabel.patch,
    fix-cupsdgetprivateattrs-function-missing-null-check.patch,
    fix-cupsenumdests-does-not-fill-in-is_default-field.patch,
    cupsd-support-avahi-daemon-restarting.patch,
    cupsenumdests-does-not-set-cb.patch,
    fix-a-dbus-threading-issue-that-caused-the-scheduler-to-crash.patch:
    Removed patches backported from upstream.
  * build-with-full-relro.patch,
    fix-template.c-typo.patch,
    prevent-dnssd-backend-exiting-too-early.patch: Removed, fixed upstream.
  * mention-rfc2911-in-ipptoolfile-for-clarity.patch: Removed, fixed
    differently upstream.
  * manpage-hyphen-minus.patch,
    cupsd-upstart-support.patch: Manually regenerated to adapt
    to upstream changes.
  * color-management-extension.patch,
    cupsd-exit-on-idle.patch,
    cupsd-exit-on-idle-upstart.patch,
    read-embedded-options-from-incoming-postscript-and-add-to-ipp-attrs.patch,
    airprint-support.patch,
    no-conffile-timestamp.patch,
    pidfile.patch: Refreshed with quilt.

Author: Marc Deslauriers
Author Date: 2014-01-14 15:10:26 UTC

Import patches-unapplied version 1.6.2-1ubuntu8 to ubuntu/raring-security

Imported using git-ubuntu import.

Changelog parent: 7b35d572c2633154c37b3ddc2a8e264e1a2b767d

New changelog entries:
  * SECURITY UPDATE: information disclosure via lppasswd binary
    - debian/patches/CVE-2013-6891.patch: don't parse user file if setuid
      in cups/usersys.c.
    - CVE-2013-6891
  * This update does _not_ contain the changes from 1.6.2-1ubuntu7 in
    raring-proposed.

Author: Marc Deslauriers
Author Date: 2014-01-14 15:10:26 UTC

Import patches-unapplied version 1.6.2-1ubuntu8 to ubuntu/raring-security

Imported using git-ubuntu import.

Changelog parent: 7b35d572c2633154c37b3ddc2a8e264e1a2b767d

New changelog entries:
  * SECURITY UPDATE: information disclosure via lppasswd binary
    - debian/patches/CVE-2013-6891.patch: don't parse user file if setuid
      in cups/usersys.c.
    - CVE-2013-6891
  * This update does _not_ contain the changes from 1.6.2-1ubuntu7 in
    raring-proposed.

Author: Marc Deslauriers
Author Date: 2014-01-14 15:10:26 UTC

Import patches-unapplied version 1.6.2-1ubuntu8 to ubuntu/raring-security

Imported using git-ubuntu import.

Changelog parent: 7b35d572c2633154c37b3ddc2a8e264e1a2b767d

New changelog entries:
  * SECURITY UPDATE: information disclosure via lppasswd binary
    - debian/patches/CVE-2013-6891.patch: don't parse user file if setuid
      in cups/usersys.c.
    - CVE-2013-6891
  * This update does _not_ contain the changes from 1.6.2-1ubuntu7 in
    raring-proposed.

Author: Till Kamppeter
Author Date: 2013-11-08 17:49:01 UTC

Import patches-unapplied version 1.7.0~rc1-0ubuntu5.1 to ubuntu/saucy-proposed

Imported using git-ubuntu import.

Changelog parent: 82d9b75bc4fd6c1cbfce4f08351c87c3b920c79a

New changelog entries:
  * debian/patches/lpadmin-ppdname-fix.patch: The lpadmin command did not send
    the PPD name from the "-m" option and also the web interface did not use
    the selected PPD file (LP: #1248578).

Author: Till Kamppeter
Author Date: 2013-09-27 10:30:01 UTC

Import patches-unapplied version 1.7.0~rc1-0ubuntu5 to ubuntu/saucy-proposed

Imported using git-ubuntu import.

Changelog parent: 915ae924b0fd8a170a24c6dcde3d7ea475b1a442

New changelog entries:
  * debian/local/cupsd-sync-files-on-close.patch: Corrected patch, the new
    SyncOnClose directive needs to be in cups-files.conf (LP: #1157972,
    Red Hat bug #984883).

Author: Till Kamppeter
Author Date: 2013-04-23 10:12:12 UTC

Import patches-unapplied version 1.6.1-0ubuntu11.4 to ubuntu/quantal-proposed

Imported using git-ubuntu import.

Changelog parent: 503148f2706706ce92ce60537b2cac6d9754e599

New changelog entries:
  * debian/cups.logrotate: Do not remove CUPS' log files while the CUPS
    daemon is running. Stop CUPS, move the files, and then start it again.
    This avoids crashes during the log rotation process (LP: #1086019).

Author: Till Kamppeter
Author Date: 2013-05-10 13:06:56 UTC

Import patches-unapplied version 1.6.2-1ubuntu7 to ubuntu/raring-proposed

Imported using git-ubuntu import.

Changelog parent: 723d8e5734817535006bd0cdff9a0a400b9e25a6

New changelog entries:
  * debian/patches/usb-backend-do-not-crash-if-usb-disabled-in-bios.patch:
    Add patch to test suite to ignore the newly introduced warning message.
    This message gets regularly issued on build servers which use virtual
    machines without access to the host's USB and so the test suite fails due
    to an extra warning. Due to this there was a FTBFS in the previous release
    (LP: #1108719).

Author: Till Kamppeter
Author Date: 2013-04-15 13:13:01 UTC

Import patches-unapplied version 1.6.2-1ubuntu5 to ubuntu/raring-proposed

Imported using git-ubuntu import.

Changelog parent: 50dc92a6f0eb6c6435bc7d7119b17caddededc40

New changelog entries:
  * debian/patches/usb-backend-more-quirk-rules.patch: Added quirk rule for the
    QinHeng CH340S USB->Parallel adapter (LP: #1000253).

Author: Marc Deslauriers
Author Date: 2012-12-03 14:14:13 UTC

Import patches-unapplied version 1.5.0-8ubuntu7.3 to ubuntu/oneiric-security

Imported using git-ubuntu import.

Changelog parent: 5697c5e0d3d18776cb49283e12e014359f2a166c

New changelog entries:
  * SECURITY UPDATE: privilege escalation via config file editing
    - debian/patches/CVE-2012-5519.patch: split configuration file into
      two, to isolate options that have a security impact.
    - debian/cups.install: also install cups-files.conf
    - debian/patches/removecvstag.patch: updated to remove tag from
      cups-files.conf.
    - CVE-2012-5519
  * NOTE: this package does _not_ include the changes from 1.5.0-8ubuntu7
    in oneiric-proposed.

Author: Marc Deslauriers
Author Date: 2012-12-03 14:14:13 UTC

Import patches-unapplied version 1.5.0-8ubuntu7.3 to ubuntu/oneiric-security

Imported using git-ubuntu import.

Changelog parent: 5697c5e0d3d18776cb49283e12e014359f2a166c

New changelog entries:
  * SECURITY UPDATE: privilege escalation via config file editing
    - debian/patches/CVE-2012-5519.patch: split configuration file into
      two, to isolate options that have a security impact.
    - debian/cups.install: also install cups-files.conf
    - debian/patches/removecvstag.patch: updated to remove tag from
      cups-files.conf.
    - CVE-2012-5519
  * NOTE: this package does _not_ include the changes from 1.5.0-8ubuntu7
    in oneiric-proposed.

Author: Marc Deslauriers
Author Date: 2012-12-03 14:14:13 UTC

Import patches-unapplied version 1.5.0-8ubuntu7.3 to ubuntu/oneiric-security

Imported using git-ubuntu import.

Changelog parent: 5697c5e0d3d18776cb49283e12e014359f2a166c

New changelog entries:
  * SECURITY UPDATE: privilege escalation via config file editing
    - debian/patches/CVE-2012-5519.patch: split configuration file into
      two, to isolate options that have a security impact.
    - debian/cups.install: also install cups-files.conf
    - debian/patches/removecvstag.patch: updated to remove tag from
      cups-files.conf.
    - CVE-2012-5519
  * NOTE: this package does _not_ include the changes from 1.5.0-8ubuntu7
    in oneiric-proposed.

Author: Till Kamppeter
Author Date: 2012-10-15 17:43:30 UTC

Import patches-unapplied version 1.6.1-0ubuntu11 to ubuntu/quantal-proposed

Imported using git-ubuntu import.

Changelog parent: 2ccd5fc87cef3540e5c09abfc56d8d5c96072e07

New changelog entries:
  * debian/patches/cupsd-no-crash-on-avahi-threaded-poll-shutdown.patch:
    Fixed crash which sometimes happens on shutdown of the CUPS daemom,
    caused by a wrong shutdown sequence for shutting down the Avahi threaded
    poll (LP: #1034045).

Author: Steve Langasek
Author Date: 2012-04-09 15:24:48 UTC

Import patches-unapplied version 1.5.2-9ubuntu1 to ubuntu/precise

Imported using git-ubuntu import.

Changelog parent: 181985da7ea2815e21a327a35c585b8ee5bb8791

New changelog entries:
  * Don't wait on udevtrigger before starting cups; the only reason this
    is here is to let '/lib/udev/udev-configure-printer enumerate' work, but
    if cups does start before we've cold-plugged everything, the udev rule
    will call '/lib/udev/udev-configure-printer add' for each device it
    discovers anyway, so this is redundant.