Author: Ubuntu Git Importer
Author Date: 2019-08-20 04:26:08 UTC

DSC file for 2.2.10-4ubuntu2.1

Author: Alex Murray
Author Date: 2019-08-16 07:12:45 UTC

Import patches-unapplied version 2.2.7-1ubuntu2.7 to ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: b43332e69d44a6fda315f85d02aa61d1e0d706da

New changelog entries:
  * SECURITY UPDATE: Stack buffer overflow in SNMP ASN.1 decoder
    - debian/patches/CVE-2019-86xx.patch: update cups/snmp.c to check for
      buffer overflow when decoding various ASN.1 elements.
    - CVE-2019-8675
    - CVE-2019-8696
  * SECURITY UPDATE: Buffer overflow in IPP
    - debian/patches/CVE-2019-86xx.patch: update cups/ipp.c to avoid
      buffer overflow due to tag type confusion
  * SECURITY UPDATE: Denial of service and memory disclosure in scheduler
    - debian/patches/CVE-2019-86xx.patch: update scheduler/client.c to
      avoid a denial of service and possible memory disclosure if the
      client unexpectedly closes the connection

Author: Alex Murray
Author Date: 2019-08-16 08:10:11 UTC

Import patches-unapplied version 2.1.3-4ubuntu0.10 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 6eb67c9ae4a4140713f64a85d9ad905951500dc6

New changelog entries:
  * SECURITY UPDATE: Stack buffer overflow in SNMP ASN.1 decoder
    - debian/patches/CVE-2019-86xx.patch: update cups/snmp.c to check for
      buffer overflow when decoding various ASN.1 elements.
    - CVE-2019-8675
    - CVE-2019-8696
  * SECURITY UPDATE: Buffer overflow in IPP
    - debian/patches/CVE-2019-86xx.patch: update cups/ipp.c to avoid
      buffer overflow due to tag type confusion
  * SECURITY UPDATE: Denial of service and memory disclosure in scheduler
    - debian/patches/CVE-2019-86xx.patch: update scheduler/client.c to
      avoid a denial of service and possible memory disclosure if the
      client unexpectedly closes the connection

Author: Alex Murray
Author Date: 2019-08-16 04:42:59 UTC

Import patches-unapplied version 2.2.10-4ubuntu2.1 to ubuntu/disco-security

Imported using git-ubuntu import.

Changelog parent: 3f838e21f243d781ba8d190778d438ddac55183f

New changelog entries:
  * SECURITY UPDATE: Stack buffer overflow in SNMP ASN.1 decoder
    - debian/patches/CVE-2019-86xx.patch: update cups/snmp.c to check for
      buffer overflow when decoding various ASN.1 elements.
    - CVE-2019-8675
    - CVE-2019-8696
  * SECURITY UPDATE: Buffer overflow in IPP
    - debian/patches/CVE-2019-86xx.patch: update cups/ipp.c to avoid
      buffer overflow due to tag type confusion
  * SECURITY UPDATE: Denial of service and memory disclosure in scheduler
    - debian/patches/CVE-2019-86xx.patch: update scheduler/client.c to
      avoid a denial of service and possible memory disclosure if the
      client unexpectedly closes the connection

Author: Alex Murray
Author Date: 2019-08-16 08:10:11 UTC

Import patches-unapplied version 2.1.3-4ubuntu0.10 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 6eb67c9ae4a4140713f64a85d9ad905951500dc6

New changelog entries:
  * SECURITY UPDATE: Stack buffer overflow in SNMP ASN.1 decoder
    - debian/patches/CVE-2019-86xx.patch: update cups/snmp.c to check for
      buffer overflow when decoding various ASN.1 elements.
    - CVE-2019-8675
    - CVE-2019-8696
  * SECURITY UPDATE: Buffer overflow in IPP
    - debian/patches/CVE-2019-86xx.patch: update cups/ipp.c to avoid
      buffer overflow due to tag type confusion
  * SECURITY UPDATE: Denial of service and memory disclosure in scheduler
    - debian/patches/CVE-2019-86xx.patch: update scheduler/client.c to
      avoid a denial of service and possible memory disclosure if the
      client unexpectedly closes the connection

Author: Alex Murray
Author Date: 2019-08-16 04:42:59 UTC

Import patches-unapplied version 2.2.10-4ubuntu2.1 to ubuntu/disco-security

Imported using git-ubuntu import.

Changelog parent: 3f838e21f243d781ba8d190778d438ddac55183f

New changelog entries:
  * SECURITY UPDATE: Stack buffer overflow in SNMP ASN.1 decoder
    - debian/patches/CVE-2019-86xx.patch: update cups/snmp.c to check for
      buffer overflow when decoding various ASN.1 elements.
    - CVE-2019-8675
    - CVE-2019-8696
  * SECURITY UPDATE: Buffer overflow in IPP
    - debian/patches/CVE-2019-86xx.patch: update cups/ipp.c to avoid
      buffer overflow due to tag type confusion
  * SECURITY UPDATE: Denial of service and memory disclosure in scheduler
    - debian/patches/CVE-2019-86xx.patch: update scheduler/client.c to
      avoid a denial of service and possible memory disclosure if the
      client unexpectedly closes the connection

Author: Alex Murray
Author Date: 2019-08-16 07:12:45 UTC

Import patches-unapplied version 2.2.7-1ubuntu2.7 to ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: b43332e69d44a6fda315f85d02aa61d1e0d706da

New changelog entries:
  * SECURITY UPDATE: Stack buffer overflow in SNMP ASN.1 decoder
    - debian/patches/CVE-2019-86xx.patch: update cups/snmp.c to check for
      buffer overflow when decoding various ASN.1 elements.
    - CVE-2019-8675
    - CVE-2019-8696
  * SECURITY UPDATE: Buffer overflow in IPP
    - debian/patches/CVE-2019-86xx.patch: update cups/ipp.c to avoid
      buffer overflow due to tag type confusion
  * SECURITY UPDATE: Denial of service and memory disclosure in scheduler
    - debian/patches/CVE-2019-86xx.patch: update scheduler/client.c to
      avoid a denial of service and possible memory disclosure if the
      client unexpectedly closes the connection

Author: Alex Murray
Author Date: 2019-08-16 07:12:45 UTC

Import patches-unapplied version 2.2.7-1ubuntu2.7 to ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: b43332e69d44a6fda315f85d02aa61d1e0d706da

New changelog entries:
  * SECURITY UPDATE: Stack buffer overflow in SNMP ASN.1 decoder
    - debian/patches/CVE-2019-86xx.patch: update cups/snmp.c to check for
      buffer overflow when decoding various ASN.1 elements.
    - CVE-2019-8675
    - CVE-2019-8696
  * SECURITY UPDATE: Buffer overflow in IPP
    - debian/patches/CVE-2019-86xx.patch: update cups/ipp.c to avoid
      buffer overflow due to tag type confusion
  * SECURITY UPDATE: Denial of service and memory disclosure in scheduler
    - debian/patches/CVE-2019-86xx.patch: update scheduler/client.c to
      avoid a denial of service and possible memory disclosure if the
      client unexpectedly closes the connection

Author: Alex Murray
Author Date: 2019-08-16 04:42:59 UTC

Import patches-unapplied version 2.2.10-4ubuntu2.1 to ubuntu/disco-security

Imported using git-ubuntu import.

Changelog parent: 3f838e21f243d781ba8d190778d438ddac55183f

New changelog entries:
  * SECURITY UPDATE: Stack buffer overflow in SNMP ASN.1 decoder
    - debian/patches/CVE-2019-86xx.patch: update cups/snmp.c to check for
      buffer overflow when decoding various ASN.1 elements.
    - CVE-2019-8675
    - CVE-2019-8696
  * SECURITY UPDATE: Buffer overflow in IPP
    - debian/patches/CVE-2019-86xx.patch: update cups/ipp.c to avoid
      buffer overflow due to tag type confusion
  * SECURITY UPDATE: Denial of service and memory disclosure in scheduler
    - debian/patches/CVE-2019-86xx.patch: update scheduler/client.c to
      avoid a denial of service and possible memory disclosure if the
      client unexpectedly closes the connection

Author: Alex Murray
Author Date: 2019-08-16 08:10:11 UTC

Import patches-unapplied version 2.1.3-4ubuntu0.10 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 6eb67c9ae4a4140713f64a85d9ad905951500dc6

New changelog entries:
  * SECURITY UPDATE: Stack buffer overflow in SNMP ASN.1 decoder
    - debian/patches/CVE-2019-86xx.patch: update cups/snmp.c to check for
      buffer overflow when decoding various ASN.1 elements.
    - CVE-2019-8675
    - CVE-2019-8696
  * SECURITY UPDATE: Buffer overflow in IPP
    - debian/patches/CVE-2019-86xx.patch: update cups/ipp.c to avoid
      buffer overflow due to tag type confusion
  * SECURITY UPDATE: Denial of service and memory disclosure in scheduler
    - debian/patches/CVE-2019-86xx.patch: update scheduler/client.c to
      avoid a denial of service and possible memory disclosure if the
      client unexpectedly closes the connection

Author: Ubuntu Git Importer
Author Date: 2019-08-19 10:36:46 UTC

DSC file for 2.3~rc1-2

Author: Didier Raboud
Author Date: 2019-08-18 14:58:09 UTC

Import patches-unapplied version 2.3~rc1-2 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: a0ce25e17369dc14e8416ad1b13361907a31aab7

New changelog entries:
  * Merge 2.2.12-1 from unstable
  * Add missing colon in closes line.
  * Set upstream metadata fields: Contact, Name.
  * Bump debhelper from old 11 to 12.

Author: Didier Raboud
Author Date: 2019-08-17 13:51:30 UTC

Import patches-unapplied version 2.2.12-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: a5aba189fb534ec225a466135d20228d0b4a225c

New changelog entries:
  * New 2.2.12 upstream release
    - CVE-2019-8696 and CVE-2019-8675: Fixed SNMP buffer overflows
      (Closes: #934957)
  * Remove 11 backported patches
  * Fix CVE-2018-4{7,8}00 typo retrospectively in d/changelog
    (Closes: #933985)
  * Refresh debian/gitlab-ci.yml
  * Refresh manpage translations

Author: Didier Raboud
Author Date: 2019-08-17 13:51:30 UTC

Import patches-unapplied version 2.2.12-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: a5aba189fb534ec225a466135d20228d0b4a225c

New changelog entries:
  * New 2.2.12 upstream release
    - CVE-2019-8696 and CVE-2019-8675: Fixed SNMP buffer overflows
      (Closes: #934957)
  * Remove 11 backported patches
  * Fix CVE-2018-4{7,8}00 typo retrospectively in d/changelog
    (Closes: #933985)
  * Refresh debian/gitlab-ci.yml
  * Refresh manpage translations

Author: Didier Raboud
Author Date: 2019-08-17 13:51:30 UTC

Import patches-unapplied version 2.2.12-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: a5aba189fb534ec225a466135d20228d0b4a225c

New changelog entries:
  * New 2.2.12 upstream release
    - CVE-2019-8696 and CVE-2019-8675: Fixed SNMP buffer overflows
      (Closes: #934957)
  * Remove 11 backported patches
  * Fix CVE-2018-4{7,8}00 typo retrospectively in d/changelog
    (Closes: #933985)
  * Refresh debian/gitlab-ci.yml
  * Refresh manpage translations

Author: Didier Raboud
Author Date: 2019-08-17 13:51:30 UTC

Import patches-unapplied version 2.2.12-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: a5aba189fb534ec225a466135d20228d0b4a225c

New changelog entries:
  * New 2.2.12 upstream release
    - CVE-2019-8696 and CVE-2019-8675: Fixed SNMP buffer overflows
      (Closes: #934957)
  * Remove 11 backported patches
  * Fix CVE-2018-4{7,8}00 typo retrospectively in d/changelog
    (Closes: #933985)
  * Refresh debian/gitlab-ci.yml
  * Refresh manpage translations

Author: Till Kamppeter
Author Date: 2019-08-05 09:40:10 UTC

Import patches-unapplied version 2.2.11-0ubuntu1 to ubuntu/eoan-proposed

Imported using git-ubuntu import.

Changelog parent: ba0b127e7407a1ae84b5e6f259332ae90ca635fe

New changelog entries:
  * New upstream release
  * Removed 10 patches taken from upstream.
  * Refreshed 13 patches with quilt.
  * Removed patch to set "LogDebugHistory 99999" as it causes high
    system load when there are very many jobs (LP: #1831021).
  * Set "DirtyCleanInterval 0" in CUPS configuration to avoid losses of
    jobs when cupsd gets killed (LP: #1830022).

Author: Dariusz Gadomski
Author Date: 2019-05-30 08:02:17 UTC

Import patches-unapplied version 2.2.7-1ubuntu2.6 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: f3d15850b3ee59a05c2bd98a6d6cbc7666507b59

New changelog entries:
  * d/p/0045-Fix-an-issue-with-PreserveJobHistory-and-time-values.patch
    Fix an issue with `PreserveJobHistory` and time values
    (Issue #5538, Closes: #921741, LP: #1747765)

Author: Dariusz Gadomski
Author Date: 2019-05-30 09:33:26 UTC

Import patches-unapplied version 2.1.3-4ubuntu0.9 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: e057f2cc4267a2ba248bf81a8d00eef8cb6218d8

New changelog entries:
  * d/p/0045-Fix-an-issue-with-PreserveJobHistory-and-time-values.patch
    Fix an issue with `PreserveJobHistory` and time values
    (Issue #5538, Closes: #921741, LP: #1747765)

Author: Dariusz Gadomski
Author Date: 2019-05-30 12:11:53 UTC

Import patches-unapplied version 2.2.8-5ubuntu1.4 to ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: ede28810097f77e178b1dd59887565f4b56e7923

New changelog entries:
  * d/p/0045-Fix-an-issue-with-PreserveJobHistory-and-time-values.patch
    Fix an issue with `PreserveJobHistory` and time values
    (Issue #5538, Closes: #921741, LP: #1747765)

Author: Dariusz Gadomski
Author Date: 2019-05-30 12:11:53 UTC

Import patches-unapplied version 2.2.8-5ubuntu1.4 to ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: ede28810097f77e178b1dd59887565f4b56e7923

New changelog entries:
  * d/p/0045-Fix-an-issue-with-PreserveJobHistory-and-time-values.patch
    Fix an issue with `PreserveJobHistory` and time values
    (Issue #5538, Closes: #921741, LP: #1747765)

Author: Dariusz Gadomski
Author Date: 2019-05-30 12:11:53 UTC

Import patches-unapplied version 2.2.8-5ubuntu1.4 to ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: ede28810097f77e178b1dd59887565f4b56e7923

New changelog entries:
  * d/p/0045-Fix-an-issue-with-PreserveJobHistory-and-time-values.patch
    Fix an issue with `PreserveJobHistory` and time values
    (Issue #5538, Closes: #921741, LP: #1747765)

Author: Dariusz Gadomski
Author Date: 2019-05-30 07:51:37 UTC

Import patches-unapplied version 2.2.10-4ubuntu2 to ubuntu/disco-proposed

Imported using git-ubuntu import.

Changelog parent: 3887433f227dbb74adfce1e129202a4f3d6eb970

New changelog entries:
  * d/p/0045-Fix-an-issue-with-PreserveJobHistory-and-time-values.patch
    Fix an issue with `PreserveJobHistory` and time values
    (Issue #5538, Closes: #921741, LP: #1747765)

Author: Didier Raboud
Author Date: 2019-04-23 06:33:01 UTC

Import patches-unapplied version 2.2.10-6 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 956080b29caa10cdaae86aabf200c6db38c98643

New changelog entries:
  * Backport patch from upstream's 2.2 "stable" branch:
    - Fix an issue with `PreserveJobHistory` and time values (Issue #5538)
      (Closes: #921741)

Author: Didier Raboud
Author Date: 2019-02-16 13:48:42 UTC

Import patches-unapplied version 2.2.10-4 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 237fd8199e9071cf0f946b4990576d6563f5510c

New changelog entries:
  * Backport patches from upstream's 2.2 "stable" branch:
    - Protect against continuing to read from a file at EOF (Issue #5473)
    - Use the same requested-attributes values for all IPP Everywhere setup
      requests (Issue #5484)
    - Add a USB quirk rule for the Lexmark E120n (Issue #5478)
    - Updated the USB quirks rule for Zebra label printers (Issue #5395)
    - Fix compile error on Linux (Issue #5483)
    - Stop parsing the Emulators keywords in PPD files (Issue #5475)
    - Fix potential unaligned accesses in the string pool (Issue #5474)

Author: Didier Raboud
Author Date: 2018-12-14 12:58:47 UTC

Import patches-unapplied version 2.2.1-8+deb9u3 to debian/stretch

Imported using git-ubuntu import.

Changelog parent: 94c4d9b3fe9942d18d312dbe6618ddc6de0638a3

New changelog entries:
  * Backport upstream fixes for:
    - CVE-2017-18248: DBUS notifications could crash the scheduler
    - CVE-2018-4700: Linux session cookies used a predictable random
      number seed (Closes: #915909)

Author: Marc Deslauriers
Author Date: 2018-11-16 19:03:27 UTC

Import patches-unapplied version 2.2.8-5ubuntu1.1 to ubuntu/cosmic-security

Imported using git-ubuntu import.

Changelog parent: 1f5b28fd1c333402d7a77f77755bda2d7edea955

New changelog entries:
  * SECURITY UPDATE: predictable session cookies
    - debian/patches/CVE-2018-4700.patch: use better seed in cgi-bin/var.c.
    - CVE-2018-4700

Author: Marc Deslauriers
Author Date: 2018-11-16 19:07:12 UTC

Import patches-unapplied version 1.7.2-0ubuntu1.11 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 609569b8bc69b888a962bf3c64fd23c93e65a241

New changelog entries:
  * SECURITY UPDATE: predictable session cookies
    - debian/patches/CVE-2018-4700.patch: use better seed in cgi-bin/var.c.
    - CVE-2018-4700

Author: Marc Deslauriers
Author Date: 2018-11-16 19:07:12 UTC

Import patches-unapplied version 1.7.2-0ubuntu1.11 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 609569b8bc69b888a962bf3c64fd23c93e65a241

New changelog entries:
  * SECURITY UPDATE: predictable session cookies
    - debian/patches/CVE-2018-4700.patch: use better seed in cgi-bin/var.c.
    - CVE-2018-4700

Author: Marc Deslauriers
Author Date: 2018-11-16 19:07:12 UTC

Import patches-unapplied version 1.7.2-0ubuntu1.11 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 609569b8bc69b888a962bf3c64fd23c93e65a241

New changelog entries:
  * SECURITY UPDATE: predictable session cookies
    - debian/patches/CVE-2018-4700.patch: use better seed in cgi-bin/var.c.
    - CVE-2018-4700

Author: Till Kamppeter
Author Date: 2018-08-19 18:36:01 UTC

Import patches-unapplied version 2.2.8-5ubuntu1 to ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: c65636399ea685c0f26d01e1571efcc54693a6b3

New changelog entries:
  * do-not-locally-filter-printing-to-remote-cups-queue.patch: Avoid duplicate
    application of pdftopdf filter (locally and remotely) when printing on auto-
    discovered remote CUPS printer.

Author: Marc Deslauriers
Author Date: 2018-06-22 17:41:03 UTC

Import patches-unapplied version 2.2.4-7ubuntu3.1 to ubuntu/artful-security

Imported using git-ubuntu import.

Changelog parent: ee00c15a58003a220977f5bd0c895ad84c091dac

New changelog entries:
  * SECURITY UPDATE: scheduler crash via DBUS notifications
    - debian/patches/CVE-2017-18248.patch: validate requesting-user-name in
      scheduler/ipp.c.
    - CVE-2017-18248
  * SECURITY UPDATE: privilege escalation in dnssd backend
    - debian/patches/CVE-2018-418x.patch: don't allow PassEnv and SetEnv to
      override standard variables in man/cups-files.conf.man.in,
      man/cupsd.conf.man.in, scheduler/conf.c, test/run-stp-tests.sh.
    - CVE-2018-4180
  * SECURITY UPDATE: local file read via Include directive
    - debian/patches/CVE-2018-418x.patch: remove Include directive handling
      in scheduler/conf.c.
    - CVE-2018-4181
  * SECURITY UPDATE: AppArmor sandbox bypass
    - debian/local/apparmor-profile: also confine
      /usr/lib/cups/backend/mdns.
    - CVE-2018-6553

Author: Marc Deslauriers
Author Date: 2018-06-22 17:41:03 UTC

Import patches-unapplied version 2.2.4-7ubuntu3.1 to ubuntu/artful-security

Imported using git-ubuntu import.

Changelog parent: ee00c15a58003a220977f5bd0c895ad84c091dac

New changelog entries:
  * SECURITY UPDATE: scheduler crash via DBUS notifications
    - debian/patches/CVE-2017-18248.patch: validate requesting-user-name in
      scheduler/ipp.c.
    - CVE-2017-18248
  * SECURITY UPDATE: privilege escalation in dnssd backend
    - debian/patches/CVE-2018-418x.patch: don't allow PassEnv and SetEnv to
      override standard variables in man/cups-files.conf.man.in,
      man/cupsd.conf.man.in, scheduler/conf.c, test/run-stp-tests.sh.
    - CVE-2018-4180
  * SECURITY UPDATE: local file read via Include directive
    - debian/patches/CVE-2018-418x.patch: remove Include directive handling
      in scheduler/conf.c.
    - CVE-2018-4181
  * SECURITY UPDATE: AppArmor sandbox bypass
    - debian/local/apparmor-profile: also confine
      /usr/lib/cups/backend/mdns.
    - CVE-2018-6553

Author: Marc Deslauriers
Author Date: 2018-06-22 17:41:03 UTC

Import patches-unapplied version 2.2.4-7ubuntu3.1 to ubuntu/artful-security

Imported using git-ubuntu import.

Changelog parent: ee00c15a58003a220977f5bd0c895ad84c091dac

New changelog entries:
  * SECURITY UPDATE: scheduler crash via DBUS notifications
    - debian/patches/CVE-2017-18248.patch: validate requesting-user-name in
      scheduler/ipp.c.
    - CVE-2017-18248
  * SECURITY UPDATE: privilege escalation in dnssd backend
    - debian/patches/CVE-2018-418x.patch: don't allow PassEnv and SetEnv to
      override standard variables in man/cups-files.conf.man.in,
      man/cupsd.conf.man.in, scheduler/conf.c, test/run-stp-tests.sh.
    - CVE-2018-4180
  * SECURITY UPDATE: local file read via Include directive
    - debian/patches/CVE-2018-418x.patch: remove Include directive handling
      in scheduler/conf.c.
    - CVE-2018-4181
  * SECURITY UPDATE: AppArmor sandbox bypass
    - debian/local/apparmor-profile: also confine
      /usr/lib/cups/backend/mdns.
    - CVE-2018-6553

Author: Till Kamppeter
Author Date: 2018-04-09 19:44:01 UTC

Import patches-unapplied version 2.2.7-1ubuntu2 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: 58cadc6a44e6a3bbb2ef0c4e86a40a736e90a2c1

New changelog entries:
  * Fixed another crash when creating temporary queues for IPP printers
    (Issue #5290, LP: #1762476).

Author: Ubuntu Git Importer
Author Date: 2018-04-03 06:39:37 UTC

pristine-tar data for cups_2.2.7.orig.tar.gz

Author: Ubuntu Git Importer
Author Date: 2018-04-02 22:44:29 UTC

pristine-tar data for cups_2.3~b4.orig.tar.gz

Author: Didier Raboud
Author Date: 2017-07-21 12:09:44 UTC

Import patches-unapplied version 1.7.5-11+deb8u2 to debian/jessie

Imported using git-ubuntu import.

Changelog parent: bde2b5264002042cc63fad751f584b994444be40

New changelog entries:
  * Disable SSLv3 and RC4 by default to address POODLE vulnerability
    (Closes: #839226)
    - Implement SSLOptions to permit the use of AllowSSL3 and AllowRC4
      respectively
  * Refresh patches

Author: Dariusz Gadomski
Author Date: 2017-11-08 10:31:52 UTC

Import patches-unapplied version 2.2.4-7ubuntu3 to ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: 1c5397ebfb738baa5c3e5d9c82a3f6e0a06d1baa

New changelog entries:
  * Fixes cupsGetNamedDest not using local default printer
    (LP: #1729910)

Author: Till Kamppeter
Author Date: 2017-09-26 13:26:01 UTC

Import patches-unapplied version 2.2.4-7ubuntu2 to ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: d85e11b8aa2c0d55fc7c9c18fb2de8890c89314f

New changelog entries:
  * test-drivers script of autopkgtest: Skip also gen-ubrl.ppd as it is also a
    test/debug PPD for Braille embossers which does not accept PDF as
    input format. This broke the test with cups-filters 1.17.6 and later.

Author: Jamie Strandboge
Author Date: 2017-03-23 17:55:49 UTC

Import patches-unapplied version 2.2.2-1ubuntu1 to ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: 319172f6dbb1b7c1856d5f08da55cddbe17107f0

New changelog entries:
  * debian/local/apparmor-profile:
    - allow cupsd and cups-pdf to communicate via Unix sockets (LP: #1675503)
    - adjust cups-pdf log location
    - allow cups-pdf to read /etc/cups/ppd/*.ppd
    - silence noisy denials for cupsd occasionally trying to send signals to
      unconfined
    - allow capability wake_alarm (seen in LP: 1641985)

Author: Jamie Strandboge
Author Date: 2017-03-23 17:55:49 UTC

Import patches-unapplied version 2.2.2-1ubuntu1 to ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: 319172f6dbb1b7c1856d5f08da55cddbe17107f0

New changelog entries:
  * debian/local/apparmor-profile:
    - allow cupsd and cups-pdf to communicate via Unix sockets (LP: #1675503)
    - adjust cups-pdf log location
    - allow cups-pdf to read /etc/cups/ppd/*.ppd
    - silence noisy denials for cupsd occasionally trying to send signals to
      unconfined
    - allow capability wake_alarm (seen in LP: 1641985)

Author: Jamie Strandboge
Author Date: 2017-03-23 17:55:49 UTC

Import patches-unapplied version 2.2.2-1ubuntu1 to ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: 319172f6dbb1b7c1856d5f08da55cddbe17107f0

New changelog entries:
  * debian/local/apparmor-profile:
    - allow cupsd and cups-pdf to communicate via Unix sockets (LP: #1675503)
    - adjust cups-pdf log location
    - allow cups-pdf to read /etc/cups/ppd/*.ppd
    - silence noisy denials for cupsd occasionally trying to send signals to
      unconfined
    - allow capability wake_alarm (seen in LP: 1641985)

Author: Dariusz Gadomski
Author Date: 2017-02-15 14:55:27 UTC

Import patches-unapplied version 1.7.2-0ubuntu1.8 to ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: 8ea31fb937dfa22ce834fefb3995ed9671f16787

New changelog entries:
  * Fixed processing of server overrides without port numbers. (LP: #1665018)

Author: Dimitri John Ledkov
Author Date: 2016-12-22 17:06:04 UTC

Import patches-unapplied version 2.2.0-2ubuntu0.1 to ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: 25ad8a76fdb66ed5f804f23e01021c56be468bc1

New changelog entries:
  * Make cups.path unit be part of the cups.service, since cups.path
    should stop if and when cups.service is stopped. LP: #1642966

Author: Dimitri John Ledkov
Author Date: 2016-12-22 17:06:04 UTC

Import patches-unapplied version 2.2.0-2ubuntu0.1 to ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: 25ad8a76fdb66ed5f804f23e01021c56be468bc1

New changelog entries:
  * Make cups.path unit be part of the cups.service, since cups.path
    should stop if and when cups.service is stopped. LP: #1642966

Author: Didier Raboud
Author Date: 2016-09-21 07:30:58 UTC

Import patches-unapplied version 2.2.0-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 3ffe83bf8e06cf7c64279070f9c1b9f485c5a1d1

New changelog entries:
  * Backport upstream patch to handle partial failures when connecting
    (Closes: #838434)

Author: Didier Raboud
Author Date: 2016-03-18 14:24:54 UTC

Import patches-unapplied version 2.1.3-4 to debian/sid

Imported using git-ubuntu import.

Changelog parent: b3ab3ae3b80c13aba010771042d9d10e03670f3f

New changelog entries:
  [ Till Kamppeter ]
  * Quirk rule to make Lexmark C540n work (STR #4778)
  * Quirk rule to make Xerox WorkCentre 3220 work (LP: #1406203, STR #4789)

Author: Till Kamppeter
Author Date: 2015-10-08 14:46:01 UTC

Import patches-unapplied version 2.1.0-4ubuntu3 to ubuntu/wily-proposed

Imported using git-ubuntu import.

Changelog parent: 44edc8c54136801d15b13594246820e669a9e7bb

New changelog entries:
  * Updated the patch to patch loading the PPDs for IPP print queues
    to the corrected upstream fix (CUPS STR #4725).

Author: Till Kamppeter
Author Date: 2015-10-08 14:46:01 UTC

Import patches-unapplied version 2.1.0-4ubuntu3 to ubuntu/wily-proposed

Imported using git-ubuntu import.

Changelog parent: 44edc8c54136801d15b13594246820e669a9e7bb

New changelog entries:
  * Updated the patch to patch loading the PPDs for IPP print queues
    to the corrected upstream fix (CUPS STR #4725).

Author: Till Kamppeter
Author Date: 2015-10-08 14:46:01 UTC

Import patches-unapplied version 2.1.0-4ubuntu3 to ubuntu/wily-proposed

Imported using git-ubuntu import.

Changelog parent: 44edc8c54136801d15b13594246820e669a9e7bb

New changelog entries:
  * Updated the patch to patch loading the PPDs for IPP print queues
    to the corrected upstream fix (CUPS STR #4725).

Author: Didier Raboud
Author Date: 2015-06-09 07:54:07 UTC

Import patches-unapplied version 1.5.3-5+deb7u6 to debian/wheezy

Imported using git-ubuntu import.

Changelog parent: 99f50b3fae149de83134de069343c571d0c58fab

New changelog entries:
  * Import 1.5 upstream fix for CERT VU#810572: Privilege escalation through
    dynamic linker and isolated vulnerabilities: STR: #4609, VU#810572
    - CVE-2015-1158 - Improper Update of Reference Count
    - CVE-2015-1159 - Cross-Site Scripting
  * Backport upstream patch to fix cupsRasterReadPixels buffer overflow with
    invalid page header and compressed raster data
    (CVE-2014-9679, STR: #4551, Closes: #778387)

Author: Till Kamppeter
Author Date: 2015-06-12 16:18:01 UTC

Import patches-unapplied version 2.0.2-1ubuntu3.2 to ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: 9437f668084328f4757189173a65692bcdedaf86

New changelog entries:
  * debian/patches/cups-busy-loop.patch: Fixed scheduler sometimes
    getting caught in a busy loop (LP: #1426490, CUPS STR #4605).

Author: Till Kamppeter
Author Date: 2015-06-12 16:18:01 UTC

Import patches-unapplied version 2.0.2-1ubuntu3.2 to ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: 9437f668084328f4757189173a65692bcdedaf86

New changelog entries:
  * debian/patches/cups-busy-loop.patch: Fixed scheduler sometimes
    getting caught in a busy loop (LP: #1426490, CUPS STR #4605).

Author: Till Kamppeter
Author Date: 2015-06-12 16:18:01 UTC

Import patches-unapplied version 2.0.2-1ubuntu3.2 to ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: 9437f668084328f4757189173a65692bcdedaf86

New changelog entries:
  * debian/patches/cups-busy-loop.patch: Fixed scheduler sometimes
    getting caught in a busy loop (LP: #1426490, CUPS STR #4605).

Author: Marc Deslauriers
Author Date: 2015-06-04 12:08:32 UTC

Import patches-unapplied version 1.5.3-0ubuntu8.7 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 6cbae9328a2961a3b391d2ee993517b83da6709e

New changelog entries:
  * SECURITY UPDATE: privilege escalation through dynamic linker and
    isolated vulnerabilities
    - debian/patches/str4609.patch: apply patch from upstream to
      cgi-bin/ipp-var.c, cgi-bin/template.c, scheduler/ipp.c,
      scheduler/job.c.
    - CVE number pending

Author: Marc Deslauriers
Author Date: 2015-06-04 11:37:56 UTC

Import patches-unapplied version 2.0.2-1ubuntu3.1 to ubuntu/vivid-security

Imported using git-ubuntu import.

Changelog parent: 61479f725f6755faba6f7d68cb542aaf2cd0e21a

New changelog entries:
  * SECURITY UPDATE: privilege escalation through dynamic linker and
    isolated vulnerabilities
    - debian/patches/str4609.patch: apply patch from upstream to
      cgi-bin/ipp-var.c, cgi-bin/template.c, scheduler/client.c,
      scheduler/conf.c, scheduler/env.c, scheduler/ipp.c, scheduler/job.c,
      scheduler/main.c.
    - CVE number pending

Author: Marc Deslauriers
Author Date: 2015-06-04 12:07:45 UTC

Import patches-unapplied version 1.7.5-3ubuntu3.2 to ubuntu/utopic-security

Imported using git-ubuntu import.

Changelog parent: 1be21fd3c0d91988bce84bac33163dfcc467076a

New changelog entries:
  * SECURITY UPDATE: privilege escalation through dynamic linker and
    isolated vulnerabilities
    - debian/patches/str4609.patch: apply patch from upstream to
      cgi-bin/ipp-var.c, cgi-bin/template.c, scheduler/client.c,
      scheduler/env.c, scheduler/ipp.c, scheduler/job.c, scheduler/main.c.
    - CVE number pending

Author: Marc Deslauriers
Author Date: 2015-06-04 12:07:45 UTC

Import patches-unapplied version 1.7.5-3ubuntu3.2 to ubuntu/utopic-security

Imported using git-ubuntu import.

Changelog parent: 1be21fd3c0d91988bce84bac33163dfcc467076a

New changelog entries:
  * SECURITY UPDATE: privilege escalation through dynamic linker and
    isolated vulnerabilities
    - debian/patches/str4609.patch: apply patch from upstream to
      cgi-bin/ipp-var.c, cgi-bin/template.c, scheduler/client.c,
      scheduler/env.c, scheduler/ipp.c, scheduler/job.c, scheduler/main.c.
    - CVE number pending

Author: Marc Deslauriers
Author Date: 2015-06-04 12:08:32 UTC

Import patches-unapplied version 1.5.3-0ubuntu8.7 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 6cbae9328a2961a3b391d2ee993517b83da6709e

New changelog entries:
  * SECURITY UPDATE: privilege escalation through dynamic linker and
    isolated vulnerabilities
    - debian/patches/str4609.patch: apply patch from upstream to
      cgi-bin/ipp-var.c, cgi-bin/template.c, scheduler/ipp.c,
      scheduler/job.c.
    - CVE number pending

Author: Marc Deslauriers
Author Date: 2015-06-04 12:07:45 UTC

Import patches-unapplied version 1.7.5-3ubuntu3.2 to ubuntu/utopic-security

Imported using git-ubuntu import.

Changelog parent: 1be21fd3c0d91988bce84bac33163dfcc467076a

New changelog entries:
  * SECURITY UPDATE: privilege escalation through dynamic linker and
    isolated vulnerabilities
    - debian/patches/str4609.patch: apply patch from upstream to
      cgi-bin/ipp-var.c, cgi-bin/template.c, scheduler/client.c,
      scheduler/env.c, scheduler/ipp.c, scheduler/job.c, scheduler/main.c.
    - CVE number pending

Author: Marc Deslauriers
Author Date: 2015-06-04 12:08:32 UTC

Import patches-unapplied version 1.5.3-0ubuntu8.7 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 6cbae9328a2961a3b391d2ee993517b83da6709e

New changelog entries:
  * SECURITY UPDATE: privilege escalation through dynamic linker and
    isolated vulnerabilities
    - debian/patches/str4609.patch: apply patch from upstream to
      cgi-bin/ipp-var.c, cgi-bin/template.c, scheduler/ipp.c,
      scheduler/job.c.
    - CVE number pending

Author: Marc Deslauriers
Author Date: 2015-02-25 18:45:29 UTC

Import patches-unapplied version 1.4.3-1ubuntu1.14 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: bedeb29865f1bbc057ce91c3e2cd12365988edee

New changelog entries:
  * SECURITY UPDATE: buffer overflow in cupsRasterReadPixels
    - debian/patches/CVE-2014-9679.dpatch: validate cupsBytesPerLine and
      clear returned buffer in filter/raster.c.
    - CVE-2014-9679

Author: Marc Deslauriers
Author Date: 2015-02-25 18:45:29 UTC

Import patches-unapplied version 1.4.3-1ubuntu1.14 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: bedeb29865f1bbc057ce91c3e2cd12365988edee

New changelog entries:
  * SECURITY UPDATE: buffer overflow in cupsRasterReadPixels
    - debian/patches/CVE-2014-9679.dpatch: validate cupsBytesPerLine and
      clear returned buffer in filter/raster.c.
    - CVE-2014-9679

Author: Marc Deslauriers
Author Date: 2015-02-25 18:45:29 UTC

Import patches-unapplied version 1.4.3-1ubuntu1.14 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: bedeb29865f1bbc057ce91c3e2cd12365988edee

New changelog entries:
  * SECURITY UPDATE: buffer overflow in cupsRasterReadPixels
    - debian/patches/CVE-2014-9679.dpatch: validate cupsBytesPerLine and
      clear returned buffer in filter/raster.c.
    - CVE-2014-9679

Author: Till Kamppeter
Author Date: 2015-02-14 11:12:01 UTC

Import patches-unapplied version 2.0.2-1ubuntu3 to ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: 7bafb1266281aadbedd2c82c8f96bd3da686c3e0

New changelog entries:
  * debian/tests/utils/test-drivers: Exclude the "everywhere" driver from the
    tests as it requires a physical printer to poll capability info from.

Author: Louis Bouchard
Author Date: 2015-02-09 10:36:08 UTC

Import patches-unapplied version 1.7.5-3ubuntu3 to ubuntu/utopic-proposed

Imported using git-ubuntu import.

Changelog parent: 7406e4c9eb89310825151472dd22c043963ee170

New changelog entries:
  * Fix -h option not honoured when CUPS_SERVER variable
    is defined. (LP: #1352809)

Author: Jamie Strandboge
Author Date: 2014-10-16 13:28:29 UTC

Import patches-unapplied version 1.7.5-3ubuntu2 to ubuntu/utopic-proposed

Imported using git-ubuntu import.

Changelog parent: c1565c2aff2946ee589ca8740e9ea9ed422ad956

New changelog entries:
  * debian/local/apparmor-profile:
    - allow all signals to /usr/sbin/cupsd//third_party
    - allow unix to /usr/sbin/cupsd//third_party (LP: #1382042)

Author: Didier Raboud
Author Date: 2014-05-03 13:43:50 UTC

Import patches-unapplied version 1.4.4-7+squeeze5 to debian/squeeze

Imported using git-ubuntu import.

Changelog parent: dd36b5bc806355b886ba42fb082dc8ac8f6c3cdb

New changelog entries:
  * Import upstream patch to fix XSS in the CUPS webinterface (STR #4356),
    fixes CVE-2014-2856
  * Backport security fix from cups-filters 1.0.47:
    pdftoopvp: SECURITY FIX for CVE-2013-6474, CVE-2013-6475, and
    CVE-2013-6476: Introduction of gmallocn and gmallocn3 to protect against
    arbitrary code execution with the privileges of the "lp" user via
    malicious PDF files. Also restrict the directory from where OPVP drivers
    can get loaded (Closes: #741333)

Author: Ryan Tandy
Author Date: 2014-04-24 16:17:07 UTC

Import patches-unapplied version 1.5.3-0ubuntu8.3 to ubuntu/precise-proposed

Imported using git-ubuntu import.

Changelog parent: 26caf956d4cf0b882b0de1099567454b8d85dfbe

New changelog entries:
  * debian/patches/handle-server-terminating-connection.patch: Fix the
    handling of a connection terminated by the server (LP: #1020048)

Author: Marc Deslauriers
Author Date: 2014-04-18 15:03:53 UTC

Import patches-unapplied version 1.7.0~rc1-0ubuntu5.3 to ubuntu/saucy-security

Imported using git-ubuntu import.

Changelog parent: 304f8e35991e14863660743af0430ee310b8fbd8

New changelog entries:
  * SECURITY UPDATE: cross-site scripting issue in web interface
    - debian/patches/CVE-2014-2856.patch: filter bad characters from the
      URL in scheduler/client.c.
    - CVE-2014-2856

Author: Marc Deslauriers
Author Date: 2014-04-18 15:03:53 UTC

Import patches-unapplied version 1.7.0~rc1-0ubuntu5.3 to ubuntu/saucy-security

Imported using git-ubuntu import.

Changelog parent: 304f8e35991e14863660743af0430ee310b8fbd8

New changelog entries:
  * SECURITY UPDATE: cross-site scripting issue in web interface
    - debian/patches/CVE-2014-2856.patch: filter bad characters from the
      URL in scheduler/client.c.
    - CVE-2014-2856

Author: Marc Deslauriers
Author Date: 2014-04-18 15:56:53 UTC

Import patches-unapplied version 1.6.1-0ubuntu11.6 to ubuntu/quantal-security

Imported using git-ubuntu import.

Changelog parent: ff559a2bfb68b0c56c3c2a0b694c0d0b1fa29425

New changelog entries:
  * SECURITY UPDATE: cross-site scripting issue in web interface
    - debian/patches/CVE-2014-2856.patch: filter bad characters from the
      URL in scheduler/client.c.
    - CVE-2014-2856

Author: Marc Deslauriers
Author Date: 2014-04-18 15:56:53 UTC

Import patches-unapplied version 1.6.1-0ubuntu11.6 to ubuntu/quantal-security

Imported using git-ubuntu import.

Changelog parent: ff559a2bfb68b0c56c3c2a0b694c0d0b1fa29425

New changelog entries:
  * SECURITY UPDATE: cross-site scripting issue in web interface
    - debian/patches/CVE-2014-2856.patch: filter bad characters from the
      URL in scheduler/client.c.
    - CVE-2014-2856

Author: Marc Deslauriers
Author Date: 2014-04-18 15:03:53 UTC

Import patches-unapplied version 1.7.0~rc1-0ubuntu5.3 to ubuntu/saucy-security

Imported using git-ubuntu import.

Changelog parent: 304f8e35991e14863660743af0430ee310b8fbd8

New changelog entries:
  * SECURITY UPDATE: cross-site scripting issue in web interface
    - debian/patches/CVE-2014-2856.patch: filter bad characters from the
      URL in scheduler/client.c.
    - CVE-2014-2856

Author: Marc Deslauriers
Author Date: 2014-04-18 15:56:53 UTC

Import patches-unapplied version 1.6.1-0ubuntu11.6 to ubuntu/quantal-security

Imported using git-ubuntu import.

Changelog parent: ff559a2bfb68b0c56c3c2a0b694c0d0b1fa29425

New changelog entries:
  * SECURITY UPDATE: cross-site scripting issue in web interface
    - debian/patches/CVE-2014-2856.patch: filter bad characters from the
      URL in scheduler/client.c.
    - CVE-2014-2856

Author: Till Kamppeter
Author Date: 2014-04-10 17:17:25 UTC

Import patches-unapplied version 1.7.2-0ubuntu1 to ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: 65914de804e936f978d5abdfcd6ca2ba767d1530

New changelog entries:
  * New upstream bug fix release
     - Addresses a web interface redirection security issue, some scheduler
       crashed on Linux, and other general bug fixes.
  * str4393-fix-memoryleak-in-rastertolabel.patch,
    fix-cupsdgetprivateattrs-function-missing-null-check.patch,
    fix-cupsenumdests-does-not-fill-in-is_default-field.patch,
    cupsd-support-avahi-daemon-restarting.patch,
    cupsenumdests-does-not-set-cb.patch,
    fix-a-dbus-threading-issue-that-caused-the-scheduler-to-crash.patch:
    Removed patches backported from upstream.
  * build-with-full-relro.patch,
    fix-template.c-typo.patch,
    prevent-dnssd-backend-exiting-too-early.patch: Removed, fixed upstream.
  * mention-rfc2911-in-ipptoolfile-for-clarity.patch: Removed, fixed
    differently upstream.
  * manpage-hyphen-minus.patch,
    cupsd-upstart-support.patch: Manually regenerated to adapt
    to upstream changes.
  * color-management-extension.patch,
    cupsd-exit-on-idle.patch,
    cupsd-exit-on-idle-upstart.patch,
    read-embedded-options-from-incoming-postscript-and-add-to-ipp-attrs.patch,
    airprint-support.patch,
    no-conffile-timestamp.patch,
    pidfile.patch: Refreshed with quilt.

Author: Marc Deslauriers
Author Date: 2014-01-14 15:10:26 UTC

Import patches-unapplied version 1.6.2-1ubuntu8 to ubuntu/raring-security

Imported using git-ubuntu import.

Changelog parent: 7b35d572c2633154c37b3ddc2a8e264e1a2b767d

New changelog entries:
  * SECURITY UPDATE: information disclosure via lppasswd binary
    - debian/patches/CVE-2013-6891.patch: don't parse user file if setuid
      in cups/usersys.c.
    - CVE-2013-6891
  * This update does _not_ contain the changes from 1.6.2-1ubuntu7 in
    raring-proposed.

Author: Marc Deslauriers
Author Date: 2014-01-14 15:10:26 UTC

Import patches-unapplied version 1.6.2-1ubuntu8 to ubuntu/raring-security

Imported using git-ubuntu import.

Changelog parent: 7b35d572c2633154c37b3ddc2a8e264e1a2b767d

New changelog entries:
  * SECURITY UPDATE: information disclosure via lppasswd binary
    - debian/patches/CVE-2013-6891.patch: don't parse user file if setuid
      in cups/usersys.c.
    - CVE-2013-6891
  * This update does _not_ contain the changes from 1.6.2-1ubuntu7 in
    raring-proposed.

Author: Marc Deslauriers
Author Date: 2014-01-14 15:10:26 UTC

Import patches-unapplied version 1.6.2-1ubuntu8 to ubuntu/raring-security

Imported using git-ubuntu import.

Changelog parent: 7b35d572c2633154c37b3ddc2a8e264e1a2b767d

New changelog entries:
  * SECURITY UPDATE: information disclosure via lppasswd binary
    - debian/patches/CVE-2013-6891.patch: don't parse user file if setuid
      in cups/usersys.c.
    - CVE-2013-6891
  * This update does _not_ contain the changes from 1.6.2-1ubuntu7 in
    raring-proposed.

Author: Till Kamppeter
Author Date: 2013-11-08 17:49:01 UTC

Import patches-unapplied version 1.7.0~rc1-0ubuntu5.1 to ubuntu/saucy-proposed

Imported using git-ubuntu import.

Changelog parent: 82d9b75bc4fd6c1cbfce4f08351c87c3b920c79a

New changelog entries:
  * debian/patches/lpadmin-ppdname-fix.patch: The lpadmin command did not send
    the PPD name from the "-m" option and also the web interface did not use
    the selected PPD file (LP: #1248578).

Author: Till Kamppeter
Author Date: 2013-09-27 10:30:01 UTC

Import patches-unapplied version 1.7.0~rc1-0ubuntu5 to ubuntu/saucy-proposed

Imported using git-ubuntu import.

Changelog parent: 915ae924b0fd8a170a24c6dcde3d7ea475b1a442

New changelog entries:
  * debian/local/cupsd-sync-files-on-close.patch: Corrected patch, the new
    SyncOnClose directive needs to be in cups-files.conf (LP: #1157972,
    Red Hat bug #984883).

Author: Till Kamppeter
Author Date: 2013-04-23 10:12:12 UTC

Import patches-unapplied version 1.6.1-0ubuntu11.4 to ubuntu/quantal-proposed

Imported using git-ubuntu import.

Changelog parent: 503148f2706706ce92ce60537b2cac6d9754e599

New changelog entries:
  * debian/cups.logrotate: Do not remove CUPS' log files while the CUPS
    daemon is running. Stop CUPS, move the files, and then start it again.
    This avoids crashes during the log rotation process (LP: #1086019).

Author: Till Kamppeter
Author Date: 2013-05-10 13:06:56 UTC

Import patches-unapplied version 1.6.2-1ubuntu7 to ubuntu/raring-proposed

Imported using git-ubuntu import.

Changelog parent: 723d8e5734817535006bd0cdff9a0a400b9e25a6

New changelog entries:
  * debian/patches/usb-backend-do-not-crash-if-usb-disabled-in-bios.patch:
    Add patch to test suite to ignore the newly introduced warning message.
    This message gets regularly issued on build servers which use virtual
    machines without access to the host's USB and so the test suite fails due
    to an extra warning. Due to this there was a FTBFS in the previous release
    (LP: #1108719).

Author: Till Kamppeter
Author Date: 2013-04-15 13:13:01 UTC

Import patches-unapplied version 1.6.2-1ubuntu5 to ubuntu/raring-proposed

Imported using git-ubuntu import.

Changelog parent: 50dc92a6f0eb6c6435bc7d7119b17caddededc40

New changelog entries:
  * debian/patches/usb-backend-more-quirk-rules.patch: Added quirk rule for the
    QinHeng CH340S USB->Parallel adapter (LP: #1000253).

Author: Marc Deslauriers
Author Date: 2012-12-03 14:14:13 UTC

Import patches-unapplied version 1.5.0-8ubuntu7.3 to ubuntu/oneiric-security

Imported using git-ubuntu import.

Changelog parent: 5697c5e0d3d18776cb49283e12e014359f2a166c

New changelog entries:
  * SECURITY UPDATE: privilege escalation via config file editing
    - debian/patches/CVE-2012-5519.patch: split configuration file into
      two, to isolate options that have a security impact.
    - debian/cups.install: also install cups-files.conf
    - debian/patches/removecvstag.patch: updated to remove tag from
      cups-files.conf.
    - CVE-2012-5519
  * NOTE: this package does _not_ include the changes from 1.5.0-8ubuntu7
    in oneiric-proposed.

Author: Marc Deslauriers
Author Date: 2012-12-03 14:14:13 UTC

Import patches-unapplied version 1.5.0-8ubuntu7.3 to ubuntu/oneiric-security

Imported using git-ubuntu import.

Changelog parent: 5697c5e0d3d18776cb49283e12e014359f2a166c

New changelog entries:
  * SECURITY UPDATE: privilege escalation via config file editing
    - debian/patches/CVE-2012-5519.patch: split configuration file into
      two, to isolate options that have a security impact.
    - debian/cups.install: also install cups-files.conf
    - debian/patches/removecvstag.patch: updated to remove tag from
      cups-files.conf.
    - CVE-2012-5519
  * NOTE: this package does _not_ include the changes from 1.5.0-8ubuntu7
    in oneiric-proposed.

Author: Marc Deslauriers
Author Date: 2012-12-03 14:14:13 UTC

Import patches-unapplied version 1.5.0-8ubuntu7.3 to ubuntu/oneiric-security

Imported using git-ubuntu import.

Changelog parent: 5697c5e0d3d18776cb49283e12e014359f2a166c

New changelog entries:
  * SECURITY UPDATE: privilege escalation via config file editing
    - debian/patches/CVE-2012-5519.patch: split configuration file into
      two, to isolate options that have a security impact.
    - debian/cups.install: also install cups-files.conf
    - debian/patches/removecvstag.patch: updated to remove tag from
      cups-files.conf.
    - CVE-2012-5519
  * NOTE: this package does _not_ include the changes from 1.5.0-8ubuntu7
    in oneiric-proposed.

Author: Till Kamppeter
Author Date: 2012-10-15 17:43:30 UTC

Import patches-unapplied version 1.6.1-0ubuntu11 to ubuntu/quantal-proposed

Imported using git-ubuntu import.

Changelog parent: 2ccd5fc87cef3540e5c09abfc56d8d5c96072e07

New changelog entries:
  * debian/patches/cupsd-no-crash-on-avahi-threaded-poll-shutdown.patch:
    Fixed crash which sometimes happens on shutdown of the CUPS daemom,
    caused by a wrong shutdown sequence for shutting down the Avahi threaded
    poll (LP: #1034045).

Author: Steve Langasek
Author Date: 2012-04-09 15:24:48 UTC

Import patches-unapplied version 1.5.2-9ubuntu1 to ubuntu/precise

Imported using git-ubuntu import.

Changelog parent: 181985da7ea2815e21a327a35c585b8ee5bb8791

New changelog entries:
  * Don't wait on udevtrigger before starting cups; the only reason this
    is here is to let '/lib/udev/udev-configure-printer enumerate' work, but
    if cups does start before we've cold-plugged everything, the udev rule
    will call '/lib/udev/udev-configure-printer add' for each device it
    discovers anyway, so this is redundant.

Author: Till Kamppeter
Author Date: 2012-03-28 12:36:54 UTC

Import patches-unapplied version 1.4.3-1ubuntu1.6 to ubuntu/lucid-proposed

Imported using git-ubuntu import.

Changelog parent: 48935d447079c788497dac74ad2ba9908557b9d8

New changelog entries:
  * debian/patches/cupsd-fix-crash-on-sighup.dpatch: Fixed crash of the
    scheduler (CUPS daemon) on the SIGHUP signal (sent on log rotation,
    restart, ..., LP: #857663).

Author: Yves-Alexis Perez
Author Date: 2011-11-28 14:07:53 UTC

Import patches-unapplied version 1.3.8-1+lenny10 to debian/lenny

Imported using git-ubuntu import.

Changelog parent: 4ef057e42775f1f4b46e12c9c62b41b3d4faa1ea

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * debian/patches:
    - str3867 added, fix an infinite loop / heap-based buffer overflow in the
      gif_read_lzw() function (CVE-2011-2896)
    - str3914 added, complete the fix for the previous issue (CVE-2011-3170).

Author: Till Kamppeter
Author Date: 2012-01-17 11:05:41 UTC

Import patches-unapplied version 1.5.0-8ubuntu7 to ubuntu/oneiric-proposed

Imported using git-ubuntu import.

Changelog parent: 5697c5e0d3d18776cb49283e12e014359f2a166c

New changelog entries:
  * debian/patches/usb-backend-generate-device-uri-without-device-id.patch:
    Make USB printers working independent of what gets reported as their
    device ID, including random characters or nothing. This should especially
    make all USB->Parallel adapters work (LP: #910272).

Author: Martin Pitt
Author Date: 2011-09-27 12:46:38 UTC

Import patches-unapplied version 1.5.0-8 to debian/sid

Imported using git-ubuntu import.

Changelog parent: cc5ba33693aaca8502ba070131b59211f27590c9

New changelog entries:
  * Urgency medium due to security fix. The previous version wasn't in testing
    yet, but already matured for half of the usual period, so it will still
    be 10 days in sum.
  * Add 00svn_gif_overflow.patch: Fix heap overflow with broken/crafted GIF
    files. Patch taken from upstream svn. [CVE-2011-3170]

Author: Marc Deslauriers
Author Date: 2011-09-12 13:02:13 UTC

Import patches-unapplied version 1.4.6-5ubuntu1.4 to ubuntu/natty-security

Imported using git-ubuntu import.

Changelog parent: 843db645135ddc7475cb252511cadd6c922db9fb

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via missing code words
    - debian/patches/CVE-2011-2896.dpatch: improve logic in
      filter/image-gif.c.
    - CVE-2011-2896
  * SECURITY UPDATE: arbitrary code execution via incorrect code word
    handling
    - debian/patches/CVE-2011-3170.dpatch: don't overflow in
      filter/image-gif.c.
    - CVE-2011-3170

Author: Marc Deslauriers
Author Date: 2011-09-12 13:02:13 UTC

Import patches-unapplied version 1.4.6-5ubuntu1.4 to ubuntu/natty-security

Imported using git-ubuntu import.

Changelog parent: 843db645135ddc7475cb252511cadd6c922db9fb

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via missing code words
    - debian/patches/CVE-2011-2896.dpatch: improve logic in
      filter/image-gif.c.
    - CVE-2011-2896
  * SECURITY UPDATE: arbitrary code execution via incorrect code word
    handling
    - debian/patches/CVE-2011-3170.dpatch: don't overflow in
      filter/image-gif.c.
    - CVE-2011-3170

Author: Marc Deslauriers
Author Date: 2011-09-12 13:20:08 UTC

Import patches-unapplied version 1.4.4-6ubuntu2.4 to ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: 6b896fcbdf06c352e0b5753e8d514c18de8fb08b

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via missing code words
    - debian/patches/CVE-2011-2896.dpatch: improve logic in
      filter/image-gif.c.
    - CVE-2011-2896
  * SECURITY UPDATE: arbitrary code execution via incorrect code word
    handling
    - debian/patches/CVE-2011-3170.dpatch: don't overflow in
      filter/image-gif.c.
    - CVE-2011-3170

Author: Marc Deslauriers
Author Date: 2011-09-12 13:02:13 UTC

Import patches-unapplied version 1.4.6-5ubuntu1.4 to ubuntu/natty-security

Imported using git-ubuntu import.

Changelog parent: 843db645135ddc7475cb252511cadd6c922db9fb

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via missing code words
    - debian/patches/CVE-2011-2896.dpatch: improve logic in
      filter/image-gif.c.
    - CVE-2011-2896
  * SECURITY UPDATE: arbitrary code execution via incorrect code word
    handling
    - debian/patches/CVE-2011-3170.dpatch: don't overflow in
      filter/image-gif.c.
    - CVE-2011-3170

Author: Marc Deslauriers
Author Date: 2011-09-12 13:20:08 UTC

Import patches-unapplied version 1.4.4-6ubuntu2.4 to ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: 6b896fcbdf06c352e0b5753e8d514c18de8fb08b

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via missing code words
    - debian/patches/CVE-2011-2896.dpatch: improve logic in
      filter/image-gif.c.
    - CVE-2011-2896
  * SECURITY UPDATE: arbitrary code execution via incorrect code word
    handling
    - debian/patches/CVE-2011-3170.dpatch: don't overflow in
      filter/image-gif.c.
    - CVE-2011-3170

Author: Marc Deslauriers
Author Date: 2011-09-12 13:20:08 UTC

Import patches-unapplied version 1.4.4-6ubuntu2.4 to ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: 6b896fcbdf06c352e0b5753e8d514c18de8fb08b

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via missing code words
    - debian/patches/CVE-2011-2896.dpatch: improve logic in
      filter/image-gif.c.
    - CVE-2011-2896
  * SECURITY UPDATE: arbitrary code execution via incorrect code word
    handling
    - debian/patches/CVE-2011-3170.dpatch: don't overflow in
      filter/image-gif.c.
    - CVE-2011-3170