pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/print/cups
Module Name: pkgsrc
Committed By: tonnerre
Date: Wed Oct 22 21:48:16 UTC 2008
Modified Files:
pkgsrc/print/cups: Makefile PLIST distinfo
Removed Files:
pkgsrc/print/cups/patches: patch-au
Log Message:
Upgrade cups to version 1.3.9 in order to fix CVE-2008-3639, CVE-2008-3640
and CVE-2008-3641. Also, it fixes a ton of bugs and has portability
enhancements. Full list of changes:
- SECURITY: The HP-GL/2 filter did not range check pen numbers
(STR #2911)
- SECURITY: The SGI image file reader did not range check
16-bit run lengths (STR #2918)
- SECURITY: The text filter did not range check cpi, lpi, or
column values (STR #2919)
- Documentation updates (STR #2904, STR #2944)
- The French web admin page was never updated (STR #2963)
- The IPP backend did not retry print jobs when the printer
reported itself as busy or unavailable (STR #2951)
- The "Set Allowed Users" web interface did not handle trailing
whitespace correctly (STR #2956)
- The PostScript filter did not work with Adobe applications
using custom page sizes (STR #2968)
- The Mac OS X USB backend did not work with some printers
that reported a bad 1284 device ID.
- The scheduler incorrectly resolved the client connection
address when HostNameLookups was set to Off (STR #2946)
- The IPP backend incorrectly stopped the local queue if
the remote server reported the "paused" state.
- The cupsGetDests() function did not catch all types of
request errors.
- The scheduler did not always log "job queued" messages
(STR #2943)
- The scheduler did not support destination filtering using
the printer-location attribute properly (STR #2945)
- The scheduler did not send the server-started,
server-restarted, or server-stopped events (STR #2927)
- The scheduler no longer enforces configuration file
permissions on symlinked files (STR #2937)
- CUPS now reinitializes the DNS resolver on failures
(STR #2920)
- The CUPS desktop menu item was broken (STR #2924)
- The PPD parser was too strict about missing keyword
values in "relaxed" mode.
- The PostScript filter incorrectly mirrored landscape
documents.
- The scheduler did not correctly update the
auth-info-required value(s) if the AuthType was Default.
- The scheduler required Kerberos authentication for
all operations on remote Kerberized printers instead
of just for the operations that needed it.
- The socket backend could wait indefinitely for back-
channel data with some devices.
- PJL panel messages were not reset correctly on older
printers (STR #2909)
- cupsfilter used the wrong default path (STR #2908)
- Fixed address matching for "BrowseAddress @IF(name)"
(STR #2910)
- Fixed compiles on AIX.
- Firefox 3 did not work with the CUPS web interface in SSL
mode (STR #2892)
- Custom options with multiple parameters were not emitted
correctly.
- Refined the cupstestppd utility.
- ppdEmit*() did not support custom JCL options (STR #2889)
- The cupstestppd utility incorrectly reported missing
"en" base translations (STR #2887)
- Documentation updates (STR #2785, STR #2861, STR #2862)
- The scheduler did not add the ending job sheet when the
job was released.
- The IPP backend did not relay marker-* attributes.
- The CUPS GNOME/KDE menu item was not localized for
Chinese (STR #2880)
- The CUPS GNOME/KDE menu item was not localized for
Japanese (STR #2876)
- The cupstestppd utility reported mixed line endings for
Mac OS and Windows PPD files (STR #2874)
- The pdftops filter did not print landscape orientation PDF
pages correctly on all printers (STR #2850)
- The scheduler did not handle expiring of implicit classes
or their members properly, leading to a configuration where
one of the members would have a short name (STR #2766)
- The scheduler and cupstestppd utilities did not support
cupsFilter and cupsPreFilter programs with spaces in their
names (STR #2866)
- Removed unused variables and assignments found by the
LLVM "clang" tool.
- Added NULL checks recommended by the LLVM "clang" tool.
- The scheduler would crash if you started a printer that
pointed to a backend that did not exist (STR #2865)
- The ppdLocalize functions incorrectly mapped all generic
locales to country-specific locales.
- The cups-driverd program did not support Simplified Chinese
or Traditional Chinese language version strings (STR #2851)
- Added an Indonesian translation (STR #2792)
- Fixed a timing issue in the backends that could cause data
corruption with the CUPS_SC_CMD_DRAIN_OUTPUT side-channel
command (STR #2858)
- The scheduler did not support "HostNameLookups" with all of
the boolean names (STR #2861)
- Fixed a compile problem with glibc 2.8 (STR #2860)
- The PostScript filter did not support %%IncludeFeature lines
in the page setup section of each page (STR #2831)
- The scheduler did not generate printer-state events when the
default printer was changed (STR #2764)
- cupstestppd incorrectly reported a warning about the PPD format
version in some locales (STR #2854)
- cupsGetPPD() and friends incorrectly returned a PPD file for
a class with no printers.
- The member-uris values for local printers in a class returned
by the scheduler did not reflect the connected hostname or
port.
- The CUPS PHP extension was not thread-safe (STR #2828)
- The scheduler incorrectly added the document-format-default
attribute to the list of "common" printer attributes, which
over time would slow down the printing system (STR #2755,
STR #2836)
- The cups-deviced and cups-driverd helper programs did not set
the CFProcessPath environment variable on Mac OS X (STR #2837)
- "lpstat -p" could report the wrong job as printing (STR #2845)
- The scheduler would crash when some cupsd.conf directives
were missing values (STR #2849)
- The web interface "move jobs" operation redirected users to
the wrong URL (STR #2815)
- The Polish web interface translation contained errors
(STR #2815)
- The scheduler did not report PostScript printer PPDs with
filters as PostScript devices.
- The scheduler did not set the job document-format attribute
for jobs submitted using Create-Job and Send-Document.
- cupsFileTell() did not work for log files opened in append
mode (STR #2810)
- The scheduler did not set QUERY_STRING all of the time
for CGI scripts (STR #2781, STR #2816)
- The scheduler now returns an error for bad job-sheets
values (STR #2775)
- Authenticated remote printing did not work over domain
sockets (STR #2750)
- The scheduler incorrectly logged errors for print filters
when a job was canceled (STR #2806, #2808)
- The scheduler no longer allows multiple RSS subscriptions
with the same URI (STR #2789)
- The scheduler now supports Kerberized printing with
multiple server names (STR #2783)
- "Satisfy any" did not work in IPP policies (STR #2782)
- The CUPS imaging library would crash with very large
images - more than 16Mx16M pixels (STR #2805)
- The PNG image loading code would crash with large images
(STR #2790)
- The scheduler did not limit the total number of filters.
- The scheduler now ensures that the RSS directory has
the correct permissions.
- The RSS notifier did not quote the feed URL in the RSS
file it created (STR #2801)
- The web interface allowed the creation and cancellation
of RSS subscriptions without a username (STR #2774)
- Increased the default MaxCopies value on Mac OS X to
9999 to match the limit imposed by the print dialog.
- The scheduler did not reject requests with an empty
Content-Length field (STR #2787)
- The scheduler did not log the current date and time and
did not escape special characters in request URIs when
logging bad requests to the access_log file (STR #2788)
To generate a diff of this commit:
cvs rdiff -r1.135 -r1.136 pkgsrc/print/cups/Makefile
cvs rdiff -r1.24 -r1.25 pkgsrc/print/cups/PLIST
cvs rdiff -r1.56 -r1.57 pkgsrc/print/cups/distinfo
cvs rdiff -r1.11 -r0 pkgsrc/print/cups/patches/patch-au
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Home |
Main Index |
Thread Index |
Old Index