Ubuntu
cups package

lp:ubuntu/natty-security/cups

  1. Natty (11.04)
  2. natty-security
Created by Ubuntu Package Importer and last modified
Get this branch:
bzr branch lp:ubuntu/natty-security/cups
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Mature

Recent revisions

50. By Marc Deslauriers

* SECURITY UPDATE: arbitrary code execution via missing code words
  - debian/patches/CVE-2011-2896.dpatch: improve logic in
    filter/image-gif.c.
  - CVE-2011-2896
* SECURITY UPDATE: arbitrary code execution via incorrect code word
  handling
  - debian/patches/CVE-2011-3170.dpatch: don't overflow in
    filter/image-gif.c.
  - CVE-2011-3170

49. By Martin Pitt

Revert calling "convert" on the banner PNGs (r961); the file is already
correct in the source. The format conversion happens in Ubuntu's
pkgbinarymangler, so it does not affect Debian builds at all and also this
cannot be circumvented that way. Instead, blacklist this package from
pkgstripfiles. (LP: #710881)

48. By Martin Pitt

[ Till Kamppeter ]
* debian/patches/cups-avahi.dpatch: Updated the patch to add Avahi support
  to the newest state of the art from
  http://twaugh.fedorapeople.org/cups-avahi/ (upstream of the patch),
  in the hope to fix CUPS crashers like LP #759031, #754567, #711875,
  #751770.

[ Martin Pitt ]
* debian/local/apparmor-profile: Add cap_dac_read_search for cups-pdf. This
  circumvents the sandboxing even more, but with cups-pdf's architecture
  there is no way around it. (LP: #295536)

47. By Till Kamppeter

* debian/patches/fix-broken-ipv6-uris.dpatch: When accessing the web
  interface via http: (unencrypted) and one does an adminstrative task
  which requires encryption, on upgrading to https: (encrypted) mode
  IPv6 IP addresses without "[...]" get inserted into the URL and the
  browser cannot parse the URL correctly. Fixed with a patch from upstream
  (LP: #744674).
* debian/rules: Convert cups.png (CUPS logo for test page) to RGBA, as the
  original 8-bit-per-pixel color map format leads to a crash in libpng. This
  prevents the CUPS test page and the banner pages from printing
  (LP: #710881).
* debian/control: Add ImageMagick to the build dependencies, as it is
  needed for the CUPS logo image conversion.

46. By Martin Pitt

[ Till Kamppeter ]
* debian/local/filters/pdf-filters/filter/pdftoraster.cxx: Latest bug fixes
  from upstream:
   o Respect the "*RequiresPageRegion" attribute of the PPD files in the
     same way as pstops does (LP: #405116).
   o Change default rendering intent to PERCEPTUAL.
   o Use external ICC color profile also with CMYK color space.
* debian/local/filters/pdf-filters/pdftopdf/pdftopdf.cxx: Latest bug fixes
  from upstream:
   o Support ipp-attribute-fidelity option and MirrorPrint choice. This is
     needed that appropriate options in printing dialogs and printer setup
     tools are respected.

[ Martin Pitt ]
* debian/control: Downgrade smbclient to Recommends. (Closes: #618545)

45. By Martin Pitt

[ Till Kamppeter ]
* debian/printer.schema: Added missing "printerType" attribute. Thanks to
  Mario Fetka for the hint (LP: #724980).

[ Martin Pitt ]
* ubuntu-upstart.dpatch: Fix start failure if apparmor-profile-load doesn't
  exist. Thanks Zach! (LP: #728592)

[ Martin-Éric Racine ]
* Added Recommends:smbclient to cups-client (Closes: #616015).

44. By Martin Pitt

* New upstream release.

[ Martin Pitt ]
* ppdc-dynamic-linking.dpatch: Update to new upstream version.
* debian/control: Bump smbclient from Suggests to Recommends.
  (Closes: #595771)

[ Martin-Éric Racine ]
* Updated my contact info in debian/control.

43. By Martin Pitt

[ Till Kamppeter ]
* debian/rules: Do not remove the /usr/share/cups/model/ directory, some
  manufacturer-supplied printer drivers (like from Brother) still use it.
* debian/rules: Remove a cost factor change for pstops. It is not used any
  more and overridden by
  pstops-based-workflow-only-for-printing-ps-on-a-ps-printer.dpatch
* debian/local/filters/pdf-filters/filter/pdftoraster.cxx,
  debian/local/filters/pdf-filters/conf/pdftoraster.convs,
  debian/local/filters/pdf-filters/README,
  debian/local/filters/pdf-filters/addtocups
  debian/local/filters/pdf-filters/conf/HP-PhotoSmart_Pro_B8300-hpijs-pdftoijs.ppd,
  debian/local/filters/pdf-filters/config-scripts/cups-pdf-filters.m4,
  debian/local/filters/pdf-filters/removefromcups: Upstream changes of
  the PDF filter add-on package:
   o Added the Poppler-based pdftoraster filter. This filter is much faster
     than the Ghostscript-based filter (LP: #668800).
   o Cleaned up the sample PPD file for pdftoijs (does not go into the
     Debian/Ubuntu package of CUPS).
* debian/rules: Rename the newly added Poppler-based pdftoraster filter
  to pdftoraster-poppler to not conflict with Ghostscript's pdftoraster
  and lower its cost factor so that it is prioritized against Ghostscript's
  filter.
* debian/patches/cups-avahi.dpatch: Updated to fix assertion failure
  (LP: #707592, Red Hat bug #672143).

[ Martin Pitt ]
* debian/patches/ubuntu-upstart.dpatch: Don't ignore failures from
  apparmor-profile-load.

42. By Jamie Strandboge

No change upload to rebuild against new poppler

41. By Kees Cook

* Use AppArmor profile loading helper (LP: #690040):
  - debian/patches/ubuntu-upstart.dpatch: load profile.
  - debian/control: Depend on upstart.

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/oneiric/cups
This branch contains Public information 
Everyone can see this information.

Subscribers