Ubuntu
cups package

lp:ubuntu/precise-security/cups

  1. Precise (12.04)
  2. precise-security
Created by Ubuntu Package Importer and last modified
Get this branch:
bzr branch lp:ubuntu/precise-security/cups
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Mature

Recent revisions

98. By Marc Deslauriers

* SECURITY UPDATE: privilege escalation via config file editing
  - debian/patches/CVE-2012-5519.patch: split configuration file into
    two, to isolate options that have a security impact.
  - debian/cups.install: also install cups-files.conf
  - debian/patches/removecvstag.patch: updated to remove tag from
    cups-files.conf.
  - CVE-2012-5519
* debian/control: remove libtiff5-dev alternate build-depends so this
  package can build in a schroot.
* NOTE: this package does _not_ include the changes from 1.5.3-0ubuntu5
  in precise-proposed.

97. By Steve Langasek

Don't wait on udevtrigger before starting cups; the only reason this
is here is to let '/lib/udev/udev-configure-printer enumerate' work, but
if cups does start before we've cold-plugged everything, the udev rule
will call '/lib/udev/udev-configure-printer add' for each device it
discovers anyway, so this is redundant.

96. By Martin Pitt

[ Till Kamppeter ]
* debian/control: In the Recommends: section of the "cups" binary package
  replaced "cups-driver-gutenprint" by "printer-driver-gutenprint" to
  reflect the new name (LP: #966217).
* debian/patches/cups-polld-reconnect.patch: The CUPS polling daemon did not
  reinitialize its connection to the remote server on errors in all cases
  (LP: #965124, CUPS STR #4031, Red Hat bug #799595).
* debian/patches/commandtops-make-robust-against-broken-postscript.patch:
  Updated patch to the upstream state of commandtops.
* debian/patches/ppd-cache-fix-crash.patch: Added NULL check to fix crash
  of cupsd on corrupted data in /var/cache/cups/ (LP: #957023, CUPS STR
  #4049).
* debian/patches/cups-avahi.patch: Refreshed with quilt.

[ Martin Pitt ]
* debian/cups.postinst: Don't fall over if /etc/apparmor.d/local exists and
  is not a directory. (LP: #962226)

95. By Till Kamppeter

debian/patches/commandtops-make-robust-against-broken-postscript.patch:
Updated patch to the upstream state of commandtops.

94. By Till Kamppeter

* debian/patches/ppd-cache-fix-crash.patch: Added NULL check to fix crash
  of cupsd on corrupted data in /var/cache/cups/ (LP: #957023, CUPS STR
  #4049).

* debian/patches/cups-avahi.patch: Refreshed with quilt.

93. By Martin Pitt

[ Till Kamppeter ]
* debian/patches/ipp-fixes-1.5.3.patch: Updated IPP backend to the state of
  the upcoming CUPS 1.5.3, fixing most of the known problems with printing
  to IPP printers or servers.
* debian/patches/ipp-backend-fails-to-trigger-authentication-prompts.patch,
  debian/patches/ipp-backend-http-1.0-fallback-fix.patch,
  debian/patches/ipp-backend-missing-document-type.patch: Removed old
  patches for the IPP backend.

[ Martin Pitt ]
* test-i18n-nonlinux.patch: Fix typo in #if which broke the patch. Hopefully
  Closes: #662996 for good now.

92. By Martin Pitt

* Add fix-empty-translations.patch: Do not translate msgids to empty
  strings. Backported from upstream SVN. (LP: #953321)
* Add test-i18n-nonlinux.patch: Do not run the CUPS_EUC_JP test case on
  BSD/Hurd either, as glibc's iconv behavior is different than what the test
  expects. (Closes: #662996)
* debian/local/apparmor-profile: Allow gs to read /proc/*/auxv; it's
  harmless information. (LP: #936629)
* debian/cups.dirs, debian/rules: Disable /usr/local/share/ppd/ directory
  for now, until dh_usrlocal stops failing on those.

91. By Martin Pitt

[ Till Kamppeter ]
* debian/cups.postinst: Run "triggered" code porion of cups postinstall
  script also when configuring cups ("configure") so that when cups
  and a printer driver package (which triggers cups to update the PPD files
  of existing print queues) get updated together the PPD update for sure
  happens also if the driver's trigger action is not executed due to cups
  also being updated (LP: #932882).

[ Martin Pitt ]
* debian/control: Wrap dependencies.
* debian/control, debian/rules: Move from hardening-wrapper to using
  dpkg-buildflags. Bump dpkg-dev build dependency to (>= 1.16.1~) for this.
* Add tests-ignore-warnings.patch: Ignore warnings from colord and Avahi in
  the tests, as they change the expected number of warnings. These services
  are not running in a buildd environment.
* debian/rules: Have package fail to build on test failures again.
* debian/copyright: Convert to copyright format 1.0, and update to current
  license/copyrights.
* debian/control: Bump Standards-Version to 3.9.3.
* debian/control: Build against libpng-dev, with an alternative to the older
  libpng12-dev. (Closes: #662294)
* debian/control: Prefer building against libtiff5-dev if available, falling
  back to libtiff-dev.
* Add tests-ignore-usb-crash.patch: Ignore "[cups-deviced] PID 17962 (usb)
  crashed on signal 11!" errors in the log during the test suite. This seems
  to regularly happen on Debian/Ubuntu buildds.

90. By Martin Pitt

Upload current Debian packaging bzr, as it's not appropriate to upload to
Debian sid at the moment.

[ Till Kamppeter ]
* debian/cups.postinst: Run "triggered" code porion of cups postinstall
  script also when configuring cups ("configure") so that when cups
  and a printer driver package (which triggers cups to update the PPD files
  of existing print queues) get updated together the PPD update for sure
  happens also if the driver's trigger action is not executed due to cups
  also being updated (LP: #932882).

[ Martin Pitt ]
* debian/control: Wrap dependencies.
* debian/control, debian/rules: Move from hardening-wrapper to using
  dpkg-buildflags. Bump dpkg-dev build dependency to (>= 1.16.1~) for this.
* Add tests-ignore-colord-warnings.patch: Ignore warnings from colord in the
  tests, as they change the expected number of warnings.
* debian/rules: Have package fail to build on test failures again.
* debian/copyright: Convert to copyright format 1.0, and update to current
  license/copyrights.
* debian/control: Bump Standards-Version to 3.9.3.

89. By Till Kamppeter

debian/patches/commandtops-make-robust-against-broken-postscript.patch:
CUPS' commandtops filter allows auto-configuration of the default option
settings of PostScript printers querying the printer using PostScript
commands defined in the PPD file ("*?..." entries). Problem is that if
one of the query commands has a PostScript error (rather common in
manufacturer-supplied PPD files) the printer errors out and ignores all
subsequent queries putting the auto-configuration job into a 90-second
timeout for each query. This patch protects the job against failures
on broken PostScript and shortens the timeout to 10 seconds, so that
as many options as possible get auto-configured in a reasonable time.
Thanks to Helge Blischke for applying the needed PostScript tricks
(CUPS STR #4028). No auto-configuration of PostScript printers actually
works by sending a job like 'echo -en '#CUPS-COMMAND\nAutoConfigure\n' |
lp -d <printer>' which could be done by a button in a printer setup tool.

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/raring/cups
This branch contains Public information 
Everyone can see this information.

Subscribers